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INTRODUCTION 



I . 



A. DEFINITION OF THE PROBLEM 

Management's concern over adequate controls is useless 
if the data processing system designers, EDP auditors and 
their managers, do not have the proper training and control 
techniques to utilize when designing or reviewing the 
controls associated with computer systems. 

No one has ever made a convincing estimate of the total 
cost of intentional and unintentional loss-causing acts 
associated with Electronic Data Processing <EDP> processes, 
but it is clear that the cost is high. Recently, many 
articles in professional journals as well as textbooks on 
EDP controls have been published responding to the urgency 
of protection and prevention of computer failures and 
frauds. Most of these studies focus on the identification 
of potential exposures, understanding of current control 
technology and the elaboration of EDP audit trails. These 
articles also refer to the importance of estimating costs 
and benefits, the integration of different audit processes, 
and the various natures of computer failures and correspond- 
ing protection and prevention measures [Ref . 1 and 23 . 
However a more formalized methodology remains to be desired. 

As a consequence of this lack of formalized framework, 
the design of EDP control systems frequently relies on 
subjective estimations of the 'EDP controller' or the 
'evaluator' for performing Cost-Effectiveness Analysis 
<CEA). This approach has two major disadvantages. First, the 
dense and complex inter-relationships between potential 
computer errors and related types of control procedures may 
make difficult, if not impossible, for the EDP auditor to 
capture the totality of the problem. Second, the combined 
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us© of control procedures may cause uncontrollable and 
undesirable effects. For example, over-auditing reduces the 
throughput of the computer system due to delays caused by 
redundant control measures, or under-auditing reduces the 
protection effectiveness due to incomplete control measures. 

B. THE NEED FOR CONTROL AND SECURITY OF COMPUTER SYSTEMS 

The management of an entity is responsible for 
establishing and maintaining adequate controls. The 
establishment and maintenance of a system of controls is a 
significant management obligation. 

A complex on-line data communication-oriented system 
consists of various combinations of hardware, software, 
facilities, people, and the policies and procedures that 
interrelate these components. The many diverse components 
and potential entry-points into a complex on-line system 
make it possible for a person, with sufficient technical or 
applications knowledge, to enter the system and make 
unauthorized manipulations of data, programs, or operational 
procedures. Furthermore, control procedures for an on-line 
system cut across many lines of responsibility within an 
organization, creating a control problem in itself. 

As the number of more sophisticated computer installa- 
tions increases rapidly, computers are taking on 
increasingly responsible work. The more vital the work of 
the computer, the more important is to protect it from 
failure and catastrophe, and from criminals and people 
who misuse its power. The following are typical cases of 
critical computer implementations [Ref. 31 : 

• A large city uses a computer for controlling its 
police operations. All police vehicles and ambulances 
are dispatched by men using terminals that inform them 
of the current emergencies. If the computer system was 
put out of action, many of the operations could not be 
controlled . 

• 747s approaching a congested airport are prevented 
from colliding by a computerized air traffic control 
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system. The air traffic density has been allowed to 
increase to such a level that it could not be handled 
without the computer system. 



• A variety of nuclear weapon systems are under computer 
control. The decision to launch a defensive nuclear 
attack is made by men reacting quickly to information 
from computer systems. 

- Commercial data banks contain trade secrets and other 
information that could be worth many millions of 
dollars to the competitors. 

Functions like these demand for data integrity, security 
and privacy. The data processing function must not loose 
vital data, introduce errors into them and permit unauthori- 
zed persons to read or modify the data. 

C. SCOPE OF THE THESIS 

A conventional life cycle of a computer audit process 
consists of the following six phases: 

1. Information gathering. 

2. Evaluation of current control technique. 

3. Identification of new control measures or strategies. 

4. Selection of control strategy. 

5 . Implementation . 

6. Ex-post evaluation. 

This thesis concentrates only on the fourth phase, 
the selection of control strategy, attempting to apply the 
Decision Support Systems (DSS) technology into the cost 
effectiveness auditing process. 

D. OBJECTIVE 

The objective of the thesis is to introduce a DSS for 
CEA. This may help EDP auditors and computer center managers 
to design successful EDP control and security systems, and 
monitor the effectiveness of the existing ones. 

The issue of interactiveness seems to be critical in 
this context since the process of controlling EDP systems is 



14 



expected to be not frequent. The importance of interactive- 
ness is further accentuated when EDP controllers face a 
large combination of controls. Assuming that the DSS 
learning curve of the end-user is low to none, the proposed 
DSS emphasizes on the user friendliness of the system. 

E. CHAPTER OUTLINE 

Chapter 2 gives a summary description of the CEA Model 
that the DSS attempts to apply. The third chapter provides a 
framework addressing user requirements and functions that 
the DSS has to meet. 

The fourth chapter is concerned about the detail design 
of the Dialog Component of the system. The fifth chapter 
discusses the design of the Model Component. The sixth 
chapter describes the design of the Data Component, and the 
seventh chapter focuses on the Database design which is part 
of the Data Component. 

The implementation of the DSS, along with implementation 
problems encountered, is discussed in chapter 8. Chapter 9 
gives an example of the system's operation simulating 
the selection of control strategy process. 

Finally, possible future extensions of the proposed DSS 
and concluding comments are discussed in the last chapter. 
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II . 



THE CEA MODEL 



The purpose of a cost-effectiveness analysis is to 
determine the most cost effective control strategy to reduce 
or eliminate potential errors and failures. It has been a 
generally accepted view that CEA is best used when it is 
integrated in the whole audit process. Some definitions of 
the basic concepts are necessary to the understanding of 
the CEA Model [Ref. 43. 

A. DEFINITIONS OF BASIC CONCEPTS 

1 . The Concept of Exposures 

The key element to start a CEA is not control but 
exposure. The concept of exposure is based on the assumption 
that the degree of vulnerability of computer systems may be 
reduced by enforcing EDP control measures, but cannot be 
totally eliminated due to some errors that remain unpredict- 
able or unable to fully corrected. 

2 . Costs of Controls 

Costs of EDP controls include all costs associated 
with the design, implementation and use of the controls. 
With experience gained in designing and implementing control 
systems, the costs become easier to be identified and 
quantif ied . 

3 . Benefits of Controls 

The identification and quantification of benefits 
derived from control measures is very difficult. One way to 
look at benefits is to interpret them as a function control 
ef f ect i veness . 
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4 . 



Effectiveness of Controls 



The effectiveness of a control is the extent to 
which this control can reduce or minimize the probability 
that an exposure occurs, reduce the damage if an exposure 
happens, and/or recover quickly from a damage. Therefore 
the reliability or performance of a control can be expressed 
as a percentage of control effectiveness relative to the 
related exposure. 

5 . Interdependencies between Controls 

Often, a control, though primarily aimed at correct- 
ing a specific exposure, may affect one or more other 
exposures. Such interdependencies may dramatically affect 
the effectiveness of an EDP control system. 

B. ASSUMPTIONS 

The model assumes that the following conditions hold: 

• Managers and auditors have limited time and capital 
resources for EDP controls. 

• Each corporate computer system is characterized by 
its specific and unique control structure. 

• Independence between potential failures or errors 

within a computer system. 

• Each applied control is expected to prevent, correct 
or eliminate one or more potential errors, and/or 
affect others positively or negatively. 

• Costs for EDP controls are known and quantifiable 

C. SUMMARY DESCRIPTION OF THE MODEL 

Table 1 lists all the variables involved in the mathema- 
tic formulas of the model. The CEA Model consists of the 
following steps: 

1 • Define all Possible Control Sets 

A control set is simply a combination of different 
available EDP controls. If there are n independent controls. 
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TABLE 1 



DEFINITION OF VARIABLES USED BY THE MODEL 



Symbol 



Description 



m 



Pr (e^ ) 



iJ 



k 

TC. 



Number of potential errors or exposures 
Number of individual control activities 
Control activity, where i = 1 to n 
Costs of implementing a^ 

Number of control sets 
Control set, where k * 1 to S 

Potential error or exposure, where j = 1 to m 



Probability that e^ occurs 
Amount of damage when e^ occurs 
Expected damage caused by e 



Effectiveness of control ai on exposure e. 



Expected benefits obtained from a 



Expected benefits obtained from s 



Expected loss resulted in using s 



Costs of implementing s 



Total cost associated with s 
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the maximum number of control sets is defined as follows: 



n 

5 = Z [n! / (i! • (n - i)!)) 

i = l 



This combinatorial approach provides an exhaustive 
identification of control sets- However*, it may lead to a 
huge amount of possible combinations, when n becomes big. 



2. Compute Expected Cost due to EDP Exposures 



Expected losses due to occurrence of EDP exposures 
can be estimated using the weighted probability function, 
the P.E.R.T. method under the Accounting definition, and/or 
the ranking method. 

Under the weighted probability, given an exposure, 
the probability its occurrence, and the amount of its 
damage, the expected loss is defined as follows: 

1 3 = Pr<e 3 ) * d j 



Under the P.E.R.T. method, given an exposure and the 
smallest (11^) , the most likely(12^> and the largest(13^) 
estimated dollar losses if the exposure occurs, the expected 
loss is defined as follows: 

1 = (11 +12 + 13 ) / 6 
3 3 3 3 



The Ranking method is based on two types of subject- 
ive rating scales related to the Rank P and the Rank Q. 
Rank P is the probability of occurrence of computer failures 
and Rank Q is the amount of damage caused by a potential 
exposure. Given P and Q, the expected loss can be computed 
as follows: 



< P + Q-3 ) , 
= 10 / 
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3. Compute the Value of each Control Activity 

The value of a control activity a is defined as 
the sum of the products between the expected amount of 
damage 1^ and the effectiveness of a^ on exposure : 



m 

Z Cl. 



f i3 ) 



1 j = 1 3 

4 . Compute the Total Value of each Control Set 



The calculation of the value of each control set 
must take into consideration joint effects of multiple 
control activity on single exposure, 
ins : 



For all a contained 
i 



n 



m 



z 

i =1 


rs 

■u 

II M 

AS 

H* 

(-J 


• f io 


n 


m 


n 



) ) 



if f i3 > °' = °' 

for all p; a € s 

r K 



+ z < z <1 -ci- n -<i-f. >))) if f . f > o, 

i=l J = 1 J i=l 

for all i*p; a € s 

P k 



5. Compute the Total Expected Loss for each Control Set 



The enforcement of control measures is likely to 
reduce the probability of occurrence of computer failure 
and, consequently, the expected loss. However the reduction 
of expected loss is effective only on the exposures that are 
affected by controls. The computation of expected losses 
includes joint effects of control activities. Thus, for all 
a in s : 



L 



k 



n 


m 




Z 


C Z (1, 


• f . . 


i = 1 


3 = 1 3 


1 3 


n 


m 


n 



if > °’ f P3 * 

for all p; a € s 

H r\ 



- * s < z <i , 

i=l 0 = 1 3 



m 




<1- n -<l-f ))>) if f - f > 0, 

i=l ±3 ±3 P3 

for all i^p; a € s 

P k 

else 
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6. Compute the Cost for each Control Set 



The cost of the control set C, , is the sum of the 

k 

costs of the individual control activities in the set: 

n 

C. = Z c if a, € s - k = 1,S 

k i = i i a. k 

7. Compute the Benefit Cost Ratio for each Control Set 

The Cost Benefit Ratio of a control set s, can be 

k 

defined as the gross value of s^(step 4) divided by the 
total cost of the setCstep 6): 

BCR = V / C, where k = 1,S 

k k 

8. Compute Total Expected Cost for each Control Set 

The total expected cost for the control set is the 
sum of the total cost of control C^ plus the total expected 
loss : 

TC = C, + L, where k = 1,S 

k k k 

9. Select the Optimal Control Set 

The determination of an optimal control set depends 
on the selection criterion adopted by EDP managers or 
auditors. One can either choose the control set that minimi- 
zes the total expected cost(TC^) or the one that maximizes 
the Benefit Cost Ratio(BCR). BCR represents the amount of 
benefits obtained per unit of cost of the investment. 

Figure 2.1 represents the whole process of the CEA 

Model . 
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Figure 2.1 The Process of the CEA Model 
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Ill 



THE DSS FRAMEWORK 



The literature on DSS agree upon the emergence of the 
three main components of a DSS: the Dialog component, the 

Model component and the Data component. The separation of 
these components can result in simplicity of development and 
maintenance [Ref. 53. Although these advantages are extreme- 
ly desirable, there are cases where the complexity of the 
model component makes the complete separation ineffective. 

The CEA-DSS falls in that category because the nature of 
the CEA Model requires a fairly complex and restrictive User 
Interface. The Quick-hit development strategy, according to 
which the DSS has been developed, consists of using the 
latest technology to quickly design a low-cost system for 
immediate pay-off [Ref. 63. 

A. THE ROLES AND FUNCTIONS OF THE CEA-DSS 

From the decision maker point of view, the user may 
expect CEA-DSS to perform the following functions: 

• Save substantial amount of time to generate the 
numerous alternative control combinations. 

- Support him or her to evaluate the alternatives and 
choose among them the alternative that fits better at 
the particular situation according to the available 
budget . 

• Provide the capability to monitor EDP control and 
security systems in terms of Cost-Effectiveness. 

• Provide graphical and tabular analyses to help the 
decision maker select close alternatives. 

From a system analysis viewpoint , CEA-DSS essentially 
performs the roles of data analysis and generation of 
expected costs and benefits of control strategies. Data 
analysis also allows the decision maker to sort the data. 
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B. THE SYSTEM RESOURCES 



Decision processes are dependent on variations in 
decision makers, i.e. users, as well as types of problems or 
tasks. Observations on decision makers indicate that: 

• Many users have trouble describing a decision-making 

process. They seem, instead, to rely on 

conceptualizations, such as graphs or tables, when 
making or explaining a decision [Ref. 7]. Thus the DSS 
must help the user to conceptualize a problem. 

■ Users need memory aids [Ref. QJ . These memory aids 

may be physical, such as scratch paper, memos, or 
reports. The DSS should provide memory aids compatible 
with their needs. Directories, databases, workspaces, 
triggers are some typical memory aids the DSS should 
provide the user. 

• Users have different styles, skills and knowledge 

[Ref. 93. Therefore, if the DSS is designed to support 
a specific process, it would probably support a 

specific set of styles, skills and knowledge. 

• Users expect to exercise control over the DSS. Direct 
control of the DSS allows the DSS to satisfy the 
different styles mentioned above. The user must 
understand what the DSS can do and be able to interpret 
its outputs. 
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IV. THE DIALOG COMPONENT 



Th© dialog component is the most elegant part of the 
DSS design. There are no absolute rules or algorithms for 
the design process. It is often left upon the intuition of 
the designer to balance user requirements with system 
requirements and provide the optimal dialog component. 

The dialog component of the CEA-D55 consists, at least 
conceptually, of the following three main units: 

• The user interface. 

• The intermodule linkage. 

• The control. 

A. THE USER INTERFACE 

The user interface unit provides the link between the 
user and the system. Its primary concern is to make .the 
system 'user friendly'. Even if a DSS provides extremely 
powerful functions, it may not be used if the user interface 
is unacceptable. 

For the CEA-DSS a full screen frame is the standard 
presentation of the system to the end-user. The user, having 
only one screen format to deal with, gets familiar with the 
system faster. 

The man-machine interaction is carried out through 
menus, questions/answers, messages, input/output forms, 
graphics, printed reports and a help facility. 

1 . The F rame 

Figure 4.1 shows the frame of the CEA-D5S. It is 
divided into the following areas: 

• The PROBLEM area. In this area appears the description 
of the problem currently processed. 
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• The ACTION area. This area informs the user about which 
part of the system is currently accessed. 

• The WORK area. This is the place where the greatest 
part of the dialog is accomplished. All the menus, 
messages, input /output forms and the directory of the 
DSS appear here . 

The SUBMENU/SELECTION area. In this area appear 
submenus in line format and the user is asked to make a 
selection. This area is also reserved for 
question/answers and the 'press any key..' prompt, 
reminding the user that the system is waiting for some 
action . 



EFFECTIVENESS OF CONTROL AND SECURITY OF COMPUTER SYSTEMS 
PROBLEM: j ACTION: 



WORK AREA 



SUBMENU/SELECTION AREA 



Today Is: ##/##/#### 



Figure 4.1 The Frame of the CEA-DSS 
2 . The Menus 

The menus of the CEA-DSS are organized in a four 

level tree hierarchy. The root of the tree is the MAIN MENU 
* 

of the system. From this menu can be called any menu that 
belongs in the second level. The latter contains has the 
DATABASE MENU, the MODEL MENU, and the SENSITIVITY ANALYSIS 
MENU. The third level consists of the database submenu, the 
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CONTROL STRATEGY MENU, the GRAPHICS MENU and the PRINT 
MENU. Finally, in the fourth level there are the control 
strategy, the graphics and print submenus. Figure 4.2 shows 
the tree hierarchy of the menus. 

One level at a time, upwards or downwards, is 
allowed for the same branch of the tree. Changes from one 
branch to another require the control to be routed up to the 
root of these two branches. Although this is a little 
restrictive for the user, it improves the indermodular 
independence and, consequently, the overall control and 
clarity in the system. 

All the menus, submenus not included, have their own 
help command which the user may use to get some useful 
information about the area of the DSS he/she is currently 
accessing. Most of the menus are discussed in Chapter 9. 

3 . Questions/ Answer s 

There are a few questions/answers in the CEA-D3S. 
They are used either in cases where the system must be 
reassured that the user made the correct selection, or for 
single data entries. 

4 • Messages 

Messages, almost always, appear at the center of the 
work area accompanied by a 'beep' sound. Messages, according 
the reason of their initiation, fall into the following 
three categories: 

- Trigger Messages. These remind the user that certain 
operations may need to be performed that the system 
cannot accompl ish . 

- Informal messages. They inform the user about what 
process is the system performing. The primary concern 
of this category is to cover the gaps in the dialog 
caused by time consuming processes. 

. Error Messages. They are initiated when the user 
supplies the system with incorrect entries. While 
editing exposures or controls, 'beep' sounds notify the 
user for entry errors. 
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Figure 4.2 Menus' Tree Hierarchy 
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All messages along with the reason that causes their 
initiation are listed in Appendix A. 

5 . In put /out put Forms 

The system needs only three forms for its operation. 
Two of them are input/output forms and one output form. One 
input/output form is dedicated to the Control activities and 
the other one to the Exposures. Both are used by the 
Database Management System for editing purposes. The output 
form is used by the Sensitivity Analysis for presenting 
the most effective or most cost effective Control Strategy. 

Figure 4.3 shows the two input/output forms. Fields 
filled with Xs indicate that any character is valid, while 
9s represent numeric characters only. Notice that the 
control input/output form is a variable one. The number of 
the "Effectiveness on Exposure" fields that appear on the 
form depends on the number of Exposures. 

6 . Graphics 

The objective of the graphics part is to help the 
user conceptualize the differences among alternatives over 
the cost range he/she prefers. Graphics can also be used to 
supply parameters for the operations. For example, a point 
selected on a graph can identify a key value that will be 
used to retrieve detailed information. Representations like 
curves and histograms are the most appropriate for this 
particular application . 

7 . Printed Reports 

Although not technically a part of the D5S, printed 
reports are aimed to provide the user with an easy-to-read 
summary of the processed problem. This summary consists of 
the exposure table, the control table and the listing of 
the sets generated by the model. The user may select any of 
these reports or all of them to be printed. 
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PROBLEM: PROBLEM 


ACTION: ADD EXPOSURE 


Index:01 Descript ion: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX 


WEIGHTED: Damage : *99999999 


Probability:0.999 




P.E.R.T: S«al lest .-$99999995 


1 Most Likely: $99999999 


Largest: *99999999 


RANKS: Rank P:9.999 


Rank (3:9.999 






Rank P Daaaoe caused by error 


Rank Q 


Damage caused by failure 


0 virtually impossible 




0 


negligible 


1 night happen once in 


400 years 


1 


about 


*10 


2 Bight happen once m 


40 years 


2 


about 


*100 


3 aught happen once m 


4 years 


3 


about 


*1,000 


4 wight happen once in 


100 days 


4 


about 


*10,000 


5 might happen once m 


10 days 


5 


about 


*100,000 


6 raight happen once in 


1 day 


6 


about 


*1,000,000 


7 night happen ten tines a day 


7 


over 


*1,000,000 


IS RECORD CORRECT (Y/N) ? : 






i 

l 


Today Is: 8/19/1985 



PROBLEM: PROBLEM! 



ACTION: ADD CONTROL 



Inaex:01 Deseriot lor. : XX XXXXXXXXXXXXXX X XXXXXXXXXXXXXXXXX XXXXXXXX XXXXX XXX 






Cost: $99999999 












Effectiveness 


on 


Exposure 


1: 0.999 


Effect iveness 


on 


Exposure 


13: 


0.999 


Effectiveness 


on 


Exposure 


2: 0.999 


Effect iveness 


on 


Exposure 


14 : 


0. 999 


Effectiveness 


on 


Exposure 


3: 0.999 


Effectiveness 


on 


Exposure 


15: 


0.999 


Effectiveness 


on 


Exposure 


4 : 0.999 


Effectiveness 


on 


Exposure 


IE: 


0. 999 


Effectiveness 


on 


Exposure 


5: 0.999 












Effectiveness 


on 


Exposure 


6: 0.999 












Effectiveness 


on 


Exposure 


7: 0.999 












Effectiveness 


on 


Exposure 


8: 0.999 












Effect iveness 


on 


Exposure 


9: 0.999 












Ef recti veness 


on 


Exposure 


10: 0.999 












Effectiveness 


on 


Exposure 


11: 0.999 












Effect iverress 


on 


Exposure 


12: 0.999 













IS RECORD CORRECT (Y/N) ? : 



i Toaav' Is: 8/19/1985 

! 



Figure 4.3 Input/output Forms 
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8 . Help 



The purpose of the help facility is to provide the 
user with on-line information about the specific area of the 
system he/she is currently accessing. Each help, one for 
each menu, is written in such a level of detail that enables 
its presentation in one full screen frame only. All help 
documents appear in Appendix B. 

B. THE INTERMODULE LINKAGE 

This unit assures the liaisons with the model and the 
data component. Usually, it is maintained by a set GOTO, 
CASE and IF_THEN_ELSE statements. Its nature and structure 
are highly dependent on the programming language and the 
hardware configuration being used for the CEA-DSS. 

C. THE CONTROL 

On the one hand, as in section 3.B stated, users expect 
to exercise control over the DSS. On the other hand, the 
system has to control its processes to assure an error free 
operation, not affected by incorrect entries and requests. 
The control unit is the part of the dialog component which 
bridges these two requirements. It is the filter between the 
user interface and the intermodule linkage unit. Validation 
of input data and verification of user requests are its 
primary functions. All the error messages are initiated by 
this unit. Finally, it can be stated that the control unit 
provides the boundaries within which the user is allowed to 
control the process. 
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V. THE MODEL COMPONENT 



Th© most important units of th© model component ar© 
the Model Base, the Model Base Management, the Model executi- 
on, th© Sensitivity Analysis, the Dialog Interface and the 
Data Interface. 

A. THE MODEL BASE 

Th© following five routines, required for th© CEA Model, 
are the content of the model base for the CEA-DSS. (The 
mathematical definition of these methods was discussed in 
section 2.0. 

1 • The Weighted Method 

This routine computes the expected cost due to EDP 
exposures using the weighted probability function. It 
retrieves the required data, directly from the data base, 
manipulates the data and stores the results in memory for 
subsequent computations . 

2 • The P . E . R . T . Method 

It is exactly the same with the Weighted Method 
routine except that it uses the P.E.R.T. method to compute 
the expected cost due to EDP exposures. 

3 • The Ranking Method 

Similar to the others, it computes the expected cost 
due to EDP exposures using the Ranking Method. 

4 • The Ef f ecti ve Control 

The role of this routine is twofold: To compute the 
Value of each Control activity and, if possible, to reduce 
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the number of the control activities that will be actually 
used in the generation of the control sets. The routine, 
having the results of one of the tree methods, retrieves, 
directly from the database, data related to the Control 
activities. For each Control, it computes first the value 
and then, it compares that value with the associated cost. 
If the value is greater that the cost, the result is sent to 
a secondary storage for subsequent computations. If the 
value is less or equal to the cost, the Control activity is 
ignored . 

5. The Control Sets 

The output of the Effective Control routine is used 
by the Control Sets to generate the control sets, ^or each 
control set it computes the steps 4 to 8 described in the 
CEA model. If the Total Value of the set is greater than its 
cost, the set is stored in the database for decision 
analyses support, otherwise it is ignored. 

B. THE MODEL BASE MANAGEMENT 

The role of the Model Base Management is to coordinate 
the model base and the data analysis functions. Since the 
CEA-DSS is aimed to support only the model described in 
Chapter II, the Model Base Management does not provide for 
on-line modeling or model update and restructure. 

Its most important function is to enable the user to 
utilize the model base fully for decision support and to 
perform analysis of the results. This function is performed 
by iterative rerun of the model. 

Also, it is responsible to update the Problem record, 
kept in the directory of CEA-DSS, with key information about 
the model runs. Thus, any future reference to this problem 
will not require any model execution, except if modifica- 
tions take place on the initial data or on the cost range. 
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c. 



MODEL EXECUTION 



Contains statements to call routines from the model 
base. It controls the execution of the model assuring the 
logical sequences of computation. 

D. SENSITIVITY ANALYSIS 

The Sensitivity Analysis unit helps the user analyze the 
results of the model runs. It is directly controlled by the 
dialog component. This unit consists of all the routines 
associated with graphic representations, control strategy 
selection and hard copy reports. 

Input data for the sensitivity analysis are the control 
sets in the set files. As stated earlier, a model run may 
produce thousands of control sets. Therefore, it is usual 
several control sets to have exactly the same cost. Since 
the amount of data is huge and the analysis is primarily 
based on costs, the control sets in a set file must be 
indexed on their cost. This creates the requirement for the 
database system to provide for direct file access and to 
allow the existence of duplicate keys within the same index. 

E. DIALOG INTERFACE 

The model component is directly interfaced with the 
dialog component in order the user to gain control over its 
processes. He/she is able to select the desired statistical 
method and cost range for a model run and the cost range for 
the data analysis process. 

F. DATABASE INTERFACE 

The model component is directly interfaced with the data 
component. This enables the model component to create and 
delete the set files where the generated control sets are 
stored . 
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VI 



THE DATA COMPONENT 



The data component consists of two main units. The 
the Database Management System and the Database discussed 
in the next chapter. 

A. THE DATABASE MANAGEMENT SYSTEM (DBMS) 

The complexity of the Dialog component and the Model 
component, as well as the effective and efficient operation 
of the system lead to the selection of a Relational Database 
system. One characteristic of a Relational Database is the 
use of fixed length records. However, variable length 
records cannot be avoided. Since the data component requires 
functions like addition, deletion and modification on data, 
the elimination of modification anomalies seems to be of 
high priority. 

The DBMS provides capabilities for sequential, indexed 
sequential and direct file access. Indexes are organized as 
B-trees. In a B-tree, a data unit is accessed by using a 
key. Any given key, primary key, is related to one and only 
one data unit in a data file. The system permits also the 
existence of duplicate keys or secondary keys, which are of 
great importance for the sensitivity analysis as discussed 
in the previous section. 

B. FILES USED BY THE SYSTEM 

Files in the system can be divided into three 
categories, according to their initial creation: 

• Files created by the data component . These are the 
directory of the system and its index. The directory 
contains all the problems available in the system's 
library indexed on their description. Duplicate problem 
description is not permitted. 
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• Files initiated by the user. The Controls file and 
the Exposures file fall in that category, indexed on 
their 'index'. Index is a unique key generated by the 
DBMS for management purposes. It keeps track of 
modification anomalies and makes the user's work 
easier. Actually, it identifies the current position of 
the data unit in the data file and NOT the data unit 
itself . 

• Files created by the model execution. Each time the 
model is executed for a specific method, a set file is 
created indexed on set cost. Duplicate keys are 
necessary here because it is possible several sets to 
have the same cost. These files cannot be modified by 
the user or the system. 



C . FILE CREATION/RETRIEVAL 



The Data component has the flexibility to deal with 
library of problems and not with only one problem. In order 
to achieve that, it must have the ability to recognize and 
retrieve the files related to the problem in request, or to 
create files for that problem, if it is not found in the 
directory of the CEA-DSS. The algorithm followed is the 
following : 

• The directory of the system has the fixed file name 

'PROBLEM'. The data file has the fixed filetype 

'DTA'and its index the 'IDX'. 

• All the files created for one problem have as file 
name the description of the problem. 

• The controls file has as filetype the 'DCL' and its 
index the 'ICL'. 

• The exposures file has as filetype the 'DXP' and its 
index the ' IXP' . 

• For the set files the algorithm used is more 

complicated. Additionally, the DBMS must be provided 
with an identifier indicating the method to which the 
set file refers. For that reason, the filetype for set 
files is separated into to fields. The first one, one 
character long, identifies the method, and the second 
one, two characters long, identifies the data file or 
the index. For the first field, the letters 'W','P' and 
'R' correspond to the Weighted , Pert and Ranking method. 
For the second field, the 'DT' denotes the data file 
and the 'IC' the index file. 
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VII . DATABASE DESIGN 



To some extent. Database design is an intuitive and 
artistic process. There is no algorithm for it. Typically, 
it is an iterative process. During each iteration, the goal 
is to get closer to an acceptable design. The database 
design is divided into two phases: logical design, where the 
needs of user are specified, and the physical design, where 
the logical design is mapped into the constrains of particu- 
lar program and hardware products. 

A. LOGICAL DATABASE DESIGN 

1 • Logical Database Records 

The database of the CEA-DSS is required to maintain 
four different kinds of records. The first one, the PROBLEM 
record, is the data unit of the system's directory. Each 
problem has its own unique record. This record, except the 
problem description, contains key information about the 
most recent execution of the model on that problem. The 
second, is the EXPOSURE record. This record contains the 
description of the exposure and weights for the three 
methods. The third, the CONTROL record, has the description, 
the associated cost and elements indicating the effecti- 
veness of the control activity on different exposures. The 
last, the SET record, is the output of the model execution 
and contains the combination of the control activities, and 
the results of the model run. Field descriptions for the 
logical database records are shown in Table 2. 

Constraints on data items appear on Table 3. These 
constraints are limitations on the values that database can 
have. They are divided into three groups. Field constraints 
limit the values that a given data element can have. 
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TABLE 2 

LOGICAL DATABASE RECORDS 



Field 



Description 



PROBLEM Record: 

Problem_Descr i pt ion 
Probl em_ Creator 
Problem_Date 
Control s_f or _ 

Weigh ted _ Method 
Controls £or_ 

P.E.R.T._Method 
Control s_f or _ 

Rank ing_ Method 
Wei gh ted _ Method _ 

Total _Cost_of _ Control s 
P . E . R . T . _Method_ 

Total _Coat_o£_Contro Is 
Ran king_ Method 

Total Cost o? Controls 



Alphanumeric, 8 characters 
Alphabetic, 25 characters 
Format MM/DD/YY 



Numeric ( integer ) , 
Numeric < integer ) , 
Numeric ( integer ) , 
Numeric < integer ) , 
Numeric < l nteger ) , 
Numeric ( integer ) , 



2 digits 
2 digits 
2 digits 
10 digits 
10 digits 
10 digits 



EXPOSURE Record : 

Exposure_Descr lpt ion 
Exposure^ Damage 
Exposure_Probabi 1 i ty 
Small est_Damage 
Most_Likel y _ Damage 
Largest_Damage 
Exposure_RankP 
Exposure_RankQ 



Alphanumeric, 50 characters 
Numeric ( integer ) , 8 digits 

Numeric < real ) , 5 digits 

Numeric ( integer ) , 8 digits 

Numeric ( integer ) , 8 digits 

Numeric < integer ) , 8 digits 

Numer ic ( real ) , 5 digits 

Numeric ( real ) , 5 digits 



CONTROL Record : 

Control _Descr l pt ion 
Control _Cost 
Control _E£ £ ect i veness 
on_Exposure 



Alphanumeric, 50 characters 
Numer ic ( integer ) , 8 digits 

Numer ic ( real ) , 5 digits 



SET Record : 

Set_combi nation 
Expected^ Bene£ its 
Expected_Loss 
Set_Cost 
Expected Cost 
Benefit Cost Ratio 



Numenc(binary) , variable 
Numer ic C l nteger ) , 10 digits 

Numer ic ( integer ) , 10 digits 

Numer ic ( integer ) , 10 digits 

Numer ic ( integer ) , 10 digits 

Numer ic ( real ) , 5 digits 
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TABLE 3 

CONSTRAINTS FOR LOGICAL DATABASE RECORDS 
Field Constraints : 

Problem_Descr iption must not be null 
Controla_for - Weighted_Method must not be 0 
Con tr ol a_f or_P . E . R . T . ^Method must not be 0 
Controls_£or_Ranking_Method must not be 0 
Exposure_Probability must be from 0.000 to 0.999 
Exposure_RankP must be from 0.000 to 7.000 
Exposure_RankQ must be from 0.000 to 7.Q00 
Control_E£ f ecti veness_on_Exposure from 0.000 to 0.999 
Benef i t_Cost_Ratio must be greater than 1.000 

Intrarecord Constraints: 

Most_Likely_Damade greater than Smal lest_Damage 
Largest_Damage greater than Most _Li ke 1 y _ Damage 

Interrecord Constraints : 

Problem_Descr iption must be unique 
Exposure_Descr iption may be unique 
Control_Descr iption may be unique 

The number of Controls f or _Wei ghted _Method fields must 
be equal or less than Ehe numoer of Control records. 
The same must be true for the Controls_for_P.E.R.T and 
Rankmg_Metnod . 

The number of Control _Ef f ect i veness_ on _ Exposure fields 
must be equal to the numDer of Exposure records. 

The level of the Set _Combi nation must be equal or less 
than the number of Control records. 
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Intrarecord constraints limit values between fields within a 
given record. Interrecord constraints limit values between 
fields in different records [Ref 103. 

2. Logical Database Record Relationship 

Figure 7.1 shows possible relationships among the 
records used by CEA-DSS. This figure is a data structure 
diagram. Single/double arrow notation is used to express a 
one-to-many relationship and double/double arrow represents 
a many-to-many relationship. 




Figure 7.1 Data Structure Logical Diagram 

The above complex network is further decomposed 
into trees in order the database to be able to deal with 
the data requirements. Figure 7.2 shows the decomposition 
of the complex network. It is a four level tree structure 
and represents relationships according to the model specifi- 
cations. For clarity purpose, the Exposure is represented 
with the letter 'E' and the Control with the letter 'C'. 
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The dashed lines connecting sets with controls and controls 
with exposures indicate that it is not necessary for a set 
to include all the control activities or a control activity 
to influence all the exposures. 




Figure 7.2 Decomposition of the Data Structure 

3. Data Manipulation in the CEA-DSS Database 

The possible transactions and the data that the 
transactions can change are listed in Table 4. Some transac- 
tions change data, some add new data, some delete data and 
some are simple queries. Queries are all the transactions in 
the sensitivity analysis part. No data are modified. 
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TABLE 4 

POSSIBLE TRANSACTIONS FOR THE CEA-DSS 



Transaction 


Data or Transaction Involved 


NEW PROBLEM 


Add one record in the directory 

Create Control and Exposure files 

Add, at least, two Exposures and 
two Control activities 


DELETE PROBLEM 


Erase Control and Exposure files 

Erase any existing Set File 

Remove the Problem record from 
the directory 

Erase the directory, if there is 
not another problem in it 


ADD EXPOSURE 


Add one record in the Exposure file 
Update records in the Control file 


ADD CONTROL 


Add one record in the Control file 


DELETE EXPOSURE 


Remove record from the Exposure file, 
if it has more than two records 

Remove references to this Exposure 
from the Control records 


DELETE CONTROL 


Remove record from the Control file, 
if it has more than two records 


EDIT EXPOSURE 


Modify record m the Exposure file 


EDIT CONTROL 


Modify record in the Control file 


MODEL EXECUTION 


Erase any existing Set file for the 
selected method. 

Create Set file 

Add Control Sets in the Set file 

Update record of the current problem 
in the directory of the system 
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B. PHYSICAL DATABASE DESIGN 



During the second phase of the database design, the 
physical design, a transformation takes place. The logical 
schema is transformed into the particular data constructs 
that better satisfy the implementation requirements and 
constraints . 

1 . Design Constraints 

One implementation requirement for the CEA-D5S is to 
be used on microcomputers. This requirement along with the 
other requirements, discussed in the framework, introduce 
the following constraints for the physical database design 
phase : 

• Integer numbers are not allowed in the system. All 
numbers have to be of type real and will be stored 
in the system as strings of characters. 

• The length of records in bytes must be limited as much 
as possible because of microcomputer limitations. 

• Since the size of the Control record depends on the 
number of the Exposure records, the number of Exposures 
for one problem may be 24 at maximum. 

• The number of control activities for one problem are 

limited to 13 at maximum. Three model runs, one for 
each method, for a problem having 13 control 

activities, may generate up to 24,576 set records. 
These records need at least 3 Mbytes to be stored. 

2 . The Physical Schema 

The Physical database records are slightly differen- 
tiated from logical records to satisfy the design 

constraints. The field description of the records is shown 
on Table 5 where all numerics are of type real and the 
abbreviation 'char' instead of 'character' is used. 

Keys are identified according to the data retrieval 
requirements. The record relationships and constraints 
emain the same as in the logical design. 

The idea of having flat files in the database is 
infeasible because of the model's computational complexity. 



43 



TABLE 5 

PHYSICAL DATABASE RECORDS 



Field 



Description 



PROBLEM Record: 

Indexed on Problem_Descr iptlon 



Problem_Descr iptlon 
Problem_Creator 
Problem_Date 
Control s_£or_ 

Weighted_Method 
Controls for, 

P . E . R . T . ^Method 
Controls,for 

Ran king_ Method 
Weighted Method^ 

Total _Cost_of ^Controls 
P.E.R.T. _ Met hod _ 

Total_Coat_of_Controls 

Ranklng,Method, 

Total^Cost of Controls 



Alphanumeric, 8 char 
Alphabetic, 25 char 
Format MM/DD/YY 

Array(1..13) of 2 char 

Array(1..13) of 2 char 

Array(1..13) of 2 char 

Numeric, 10 char 

Numeric, 10 char 

Numeric, 10 char 



EXPOSURE Record: 

Indexed on Exposure,Index 



Ex posure, Index 
Expoaure_Descr iptlon 
Exposure_Damage 
Exposure _Probabi 1 i ty 
Smal lest _ Damage 
Most_Likely_Damage 
Largest_Damage 
Exposure_RankP 
Exposure_RankQ 



Numeric, 2 
Alphanumer 
Numeric, 8 
Numeric, 5 
Numeric, 8 
Numeric, 8 
Numeric, 8 
Numeric, 5 
Numeric, 5 



char 
ic , 50 

char 
char 
char 
char 
cnar 
char 
char 



char 



CONTROL Record: 

Indexed on Control _ Index 

Control _ Index 
Control _Descr i ption 
Control_Cost 
Control_Effectiveneas, 
on _ Exposure Cl.. 24 ) 



Numeric, 2 char 
Alphanumeric, 50 char 
Numeric, 8 char 

Numeric, 5 char 



SET Record : 

Indexed on Set_Cost 

Set, comb mat ion 
Expected, Benefits 
Expected _ Loss 
Set_Cost 
Expected,Value 
Expected Cost 
Benefit Cost Ratio 



Array ( 1 . . 13 ) 
Numeric, 10 
Numeric, 10 
Numeric, 10 
Numeric, 10 
Numeric, 10 
Numeric, 5 



of 2 char 
char 
char 
char 
char 
char 
char 
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Wore specif ically, the use of flat files should increase 
dramatically the time required for a model run, something 
undesirable for a DSS . 

Variable length records are used instead. This 
variability in length results in loss of storage capacity 
because the record occupies space equal to its maximum 
length regardless its actual length. This, off-course, is 
the primary disadvantage of the variable length records, but 
for that particular application is justified by the fact of 
time savings. 
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VIII. IMPLEMENTATION OF THE CEA-DSS 



On© of th© objectives of th© implementation phase is to 
use the CEA-DSS with microcomputers . 

A. THE PROGRAMMING LANGUAGE 

The complexity of dialog and data component underline 
the need for a structured programming language which can 
support character manipulations, screen management and, to 
some degree, mathematic calculations. Turbo Pascal 
(Version 2.0) was chosen for this particular implementation. 

B. SUPPORTING PACKAGES 

Turbo Access Toolbox (Version 1.00) is used for the 
database management system. Turbo Access provides for 

sequential, indexed sequential and direct file access, 

allowing and the existence of duplicate keys in an index 
file. Turbo Graphix Toolbox (Version 1.00A) is used for the 
graphics part of the system. 

C. THE DATA FLOW IN THE CEA-DSS 

In order to deal with the high complexity of the data 
and transaction flow, it was necessary to divide the system 
from the beginning into four major areas. This helped to 

draw the initial diagrams. Using these diagrams as the base, 

after reviews and refinements, the final software structure 
was derived. These four areas are the following: 

1 • The Main Area 

This area contains data flows and transactions 
occurring from the initialization of the system until the 
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main menu appear on the screen and the user make his/her 
selection. Figure 8.1 shows the refined flow diagram of the 
main area. 

2 . The Database 

Figures 8.2, 8.3 and 8.4 are the flow diagrams of 
this area. It contains transactions and data flows related 
to the database management system, like updating control and 
exposure files, switching problems, and deleting problems. 

3 . The Model 

The model area diagram. Figure 8.5, describes all 
the operations of the model execution. Figure 8.6, presents 
in detail the data flow during the generation of the control 
sets. This is the most important and most complex part of 
the CEA model and is included here for maintenance and 
future modification or improvement purposes. 

4 . The Sensitivity Analysis Area 

Transactions and data flows associated with the 
decision support part of the CEA-DSS are illustrated in 
Figures 8.7, 8.8 and 8.9. 

D. SOFTWARE STRUCTURE 

The refined software structure. Figure 8.10, is a 
rearrangement of the flow diagrams from the perspective of 
the flow of control in the system. The requirement for the 
user to access control over the whole process, underlines 
the need for a hierarchical flow of control among the 
various processes of the system. Top-down is considered as 
the most effective design for the CEA-DSS since it results 
in a modular and highly cohesive software structure. 
Modularity and high cohesion facilitate the coding and 
maintenance phases . 
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Figure 8.1 Main Area Flow Diagram 
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Figure 8.2 



Database Flow Diagram 
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Figure 8.3 Delete Problem Flow Diagram (Database) 
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F igure 8.5 



Model Flow Diagram 
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Figure 8.6 Control Sets Flow Diagram (Model) 
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F igure 8 . 7 



Sensitivity 



Analysis 



Flow Diagram 
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Figure 8.8 Control Strategy Flow Diagram (Sena. Analysis) 
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Figure 8.9 Graphics Flow Diagram (Sena. Analysis) 
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F igure 8,10 



The 



Refined Software 



Structure 
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E. IMPLEMENTATION PROBLEMS 



The most serious implementation problems are problems 
associated with the memory management of a microcomputer. 
The capacity of the memory dedicated to the Central 

Processing Unit (CPU) is 64 Kbytes for a microcomputer. 
Consequently, the size of the program part called, along 
with all the type declarations and the supporting modules, 
must not exceed the size of the CPU's memory. This is a 
troublesome limitation when dealing with long programs. 

This is the case for the CEA-DSS. The inclusion of the 
Turbo Access and Turbo Graphix packages within the actual 
program further limited the allowable size of its modules. 
Reduction of the module size implies a loose control 
hierarchy. An effort to reorganize the software structure 
resulted in undesirable control flow inefficiencies. 
Fortunately, Turbo Pascal provides for overlay organization 
which eliminates the memory size limitation. 

A technique, called overlays, is used to allow the 
system to be larger than the amount of memory allocated to 
it. The idea of overlays is to keep in memory only those 
instructions and data that are needed at any given time 
[Ref. 11]. When other instructions are needed, they are 
loader into space that was previously occupied by 

instructions that are no longer needed. However, this 
technique suffers from the following limitations: 

• A module must first be loaded into the memory in order 
to be executed. This causes the system to run somewhat 
more slowly, due to the extra I/O operation to read 
the module. For this reason, it is recommended to load 
the CEA-DSS software on a hard disk or a ram disk. High 
access speed devices would result in considerable 
reduction of access time. 

• Since overlays share the same space in memory, a module 
cannot call modules which belong in another overlay 
of the same area. For example, a module calls another 
one from a different overlay. This overlay is loaded in 
place of the caller and the called module is executed. 
The problem is that after its execution the system is 
meshed because it does not find the caller to return. 
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This introduced additional problems to the original 
structure of the program. The inclusion of control code, 
like flags, labels, case and if then else statements, helped 
in establishing communications among the various overlays of 
the same area. 

F. EFFORT DISTRIBUTION FOR THE CEA-DSS DEVELOPMENT 

CEA-DSS was built in five months and required an effort 
of six man-months. Table 6 shows the distribution of the 
effort, in percentages, among the different phases of the 
CEA-DSS development . 



TABLE 6 

EFFORT DISTRIBUTION 


Tim© 


Activities 


20 * 


Requirements Analysis and Initial Design 


23* 


Detailed Design 


30* 


Programming, Debugging and Testing 


5* 


Initial Testing and User's feedback 


22* 


Stepwise refinement of the components 
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IX 



A SESSION WITH THE CEA-DSS 



The objective of this chapter is to illustrate the 
operation of the CEA-DSS. The figures in this chapter have 
been generated during the testing phase of the CEA-DSS on a 
IBM PC-XT microcomputer. 

A series of screens has been suggested as the most 
effective way to describe step-by-step the system's basic 
operation . 

STEP 1 ; Drive definition (Figure 9.1). The system has 
the flexibility to use a different drive for its database. 



EFFECTIVENESS 0F ( CONTROL ftND SECURITY OF COMPUTER SYSTEMS 
PROBLEM: j ACTION: 



DEFINE THE DRIVE YOU UANT TO USE FOR FILES 

IT IS BETTER THE DSS TO BE ON ft DIFFERENT DRIVE 
DO IOT USE TIE LETTER C IF TIERS IS NO HARD DISK 



DRIVE ft, B, C, D, E or F: 



Tooay Is: 6/19/1965 



Figure 9.1 Drive Definition 



Care must be taken for not using drive "C" with IBM PC-XTs 
which do not have a hard disk drive. In all other cases. 
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CEA-DSS has the ability to find any wrong drive definition 
and prompts the user to redefine the drive. 

STEP 2 : Directory (Figure 9.2). The directory contains 
information about previously defined problems. It is located 
on the drive where data for these problems are stored. 



EFFECTIVENESS OF 


CONTROL AND SECURITY 


OF COMPUTER SYSTEMS 


PROBLEM: 


ACTION: GIVE PROBLEM WM£ 


CHOOSE ONE OF THE FOLLOWING OR CREATE YOUR OWN PROBLEM 


PROBLEM: 


CREATED BY: 


DATE: 


CMC 


SCHAEFFER HOWARD 


8/ 15/1965 


PROBLEM 1 


PRESSMAN JOHN 


8/19/1985 


PR0BLEM2 


ELSON MARK 


8/19/1985 


TEST 


RICHARD NOLAN 


7/30/1985 

1 


Number of Problems in tne Directory: 4 " j 


ENTER THE NAME OF THE PROBLEM: DSSTEST 


j Today Is: 8/19/1985 i 
1 1 1 



Figure 9.2 Directory 

When a new drive, i.e. a new floppy disk, is selected, 
the system creates a directory first, and then prompts the 
user to define the problem. For a pre-def med drive, a 
listing of the directory appears on the frame. The user may 
select a problem from the directory, or define a new one. In 
case of an existing problem selection, the process continues 
with Step 4. 

STEP 3 : Data entry (Figure 9.3). The system creates 
the control and exposure files for the particular problem. 
Then, the user has to provide the initial data. At least 
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EFFECTIVENESS OF 


CONTROL AND SECURITY OF COMPUTER SYSTEMS 


PROBLEM: DSSTEST 


ACTION: UPDATE EXPOSURES 



Index:03 Descnotion:Exocsure 3 



WEIGHTED: Damage: *50000 
P.E.R.T: Smallest: $30000 



Probability:©. 95 
Host Likely: $55000 



Largest : $65000 



RANKS: 
Rank P 

0 

1 

d 

3 

4 

c 

6 

7 



Rank P:4.000 Rank (3:4.300 

Damage caused by error Rank 

virtually laoossible 
mgnt naooen once in 400 years 

sight haooen once in 40 years 

sight napoen once in 4 years 

sight naooen once in 100 days 

night haooen once in 10 days 

sight naooen once in 1 day 

sight haooen ten tines a day 



Damage caused by failure 
negligiole 



aoout 

aoout 

about 

about 

about 

aoout 

over 



$10 
$100 
$ 1,000 
$ 10,000 
$ 100,000 
$ 1 , 000,000 
$ 1 , 000,000 



A)dd, D)elete, E)dit, N)ext, P)revious or Q) uit : 



Today Is: 8/19/1985 



EFFECTIVENESS 


OF CONTRO. AND SECURITY Of COMPUTER SYSTEMS ! 

- -1 


I PROBLEM: 0S3TES T 

j 


i ACTION: UPDATE CONTROLS 1 

1 ! 



Index :02 Descriot ion: Control 3 
Cost : $2 1500 

Effectiveness on Exposure i: 0.0 
Effectiveness on ExDosure 3: 0.0 
Effect lveriess on Exposure 3: 0.7 
Effect iveness on Exoosure 4: 0.0 



fi)oc, Dfeiete, E)dit, N;ext, P)revious or Qiuu: 



loaav 



8/19/198: 



Figure 9.3 Data Entry 
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two exposures and two control activities are required to 
enable the CEA-DSS to generate control combinations. The 
process during this step is under the direct control of the 
CEA-DSS • 

STEP 4 : The Main Menu is shown in Figure 9.4. The 
logical selection for a new problem is the Model option. 



EFFECTIVENESS OF 


CONTROL AND SECURITY OF COMPUTER SYSTEMS 


PROBLEM: DSSTEST 


ACTION: MAIN MENU j 



m IN MENU OPTIONS: 



1. hrp 

2. UPDATE FILES OR CHANGE PROBLEM 

3. RUN THE COST EFFECTIVENESS MODa 

4. SENSITIVITY ANALYSIS OF ALTERNATIVES 

5. EXIT TO DOS 



! SELECT 1,2, 3, 4 or 5 : ! Tocav Is: 8/13/1985 ! 

! i ) 



Figure 9.4 Main Menu 

STEP 5 : Model execution. The Model Menu, allows the 
selective invocation of one of the three statistical methods 
for a model run. The user may select one method or all of 
them. Then, the system prompts the user to define the 
desired level of cost according to which the generation of 
control sets will be performed. The use of realistic cost 
levels is recommended, since it may result in a considerable 
reduction of the amount of control sets to be generated 
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and, consequently, in storage and I/O time. Figure 9. 
the model menu and the cost level entry. 



EFFECTIVENESS OF 


CONTROL AND SECURITY OF COMPUTER SYSTEMS 


PROBLEM: DSSTEST 


ACTION: MODEL 



MODEL !€NU OPTIONS: 

1. HELP 

2. RUN THE WEI6HTED METHOD 

3. RUN THE P.E.R.T METHOD 

4. RUN THE RANKINS METHOD 

5. RUN ALL THE METHODS 

6. RETURN TO MAIN MENU 



SELECT 1,2,3, 4, 5 or 6 : 



! Toaav Is: 6/19/1335 



EFFECTIVENESS Of CONTROL AND SECURITY OF COMPUTER SYSTEMS 



PROBLEM: DSSTEST 



ACTION: MODEL / WEIGHTED METHOD 



Total Dajnace Due To ExDOsures : 147800 

Cost to Imoiement All Controls : 69500 

Give The Maximum Amount You Want To Soend On Controls 
or oress Enter for All 

MAXIMUM : $ 69500 

j 



1 Toaav' Is: 

! 



8/19/ 1985 ! 

i 



Figure 9.5 Model Menu and Cost Level Entry 



shows 
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STEP 6 



Sensitivity Analysis Menu (Figure 9.6). The 
prerequisite for accessing the "Control Strategy" and the 
"Graphics" options, is the execution of the model. The same 
is true and for the "Print Reports" option when a printout 
of a set file is requested. 



EFFECTIVENESS OF 


CONTROL AND SECURITY OF COMPUTER 


SYSTEMS 


PROBLEM: DSSTEST 




ACTION: SENSITIVITY ANALYSIS 






SENSITIVITY ANALYSIS MENU OPTIONS: 






i. 


HELP 






2. 


FIND CONTROL STRATEGY 






3. 


6ENERATE GRAPHICS 


( 




4. 


PRINT REPORTS 






5. 


RETURN TO MAIN MENU 




SELECT 1,2,3, 4 or 5 : 




Today 


Is; 6/19/1965 



Figure 9.6 Sensitivity Analysis Menu 

STEP 7 : Print Reports. The system has the capability to 
produce three types of reports. It is expected that the user 
will use these reports, during the sensitivity analysis 
process, as reference. The first table (Figure 9.7) summari- 
zes the initial data of expected losses caused by exposures, 
for three statistical methods. The second report 
(Figure 9.8) summarizes the control activities' effective- 
ness on exposures. Finally, control sets report is a listing 
of the file created and updated by a model run. Figure 9.9 
shows the control sets generated according to the weighted 
method . 
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DECISION SUPPORT SYSTEM 



COST EFFECT I V0£SS ANALYSIS 
FOR 

CONTROL t SECURITY OF COMPUTER SYSTEMS. 



EXPECTED LOSSES CAUSED BY EXPOSURES FOR WORK DSSTEST 



THE WEIGHTED METHOD 





POTENTIAL ERRORS 




AMOUNT OF PROB/TY OF 

DAMAGE OCCURENCE 


01 Exposure 1 

02 Exposure 2 

03 Exposure 3 

04 Exposure 4 






40000 0.850 

80000 0. 780 

50000 0. 950 

30000 0.850 




THE P.E.R.T 


METHOD 






POTENTIAL ERRORS 




AMOUNT OF DAMAGE 
smallest in. likely largest 


01 Exposure 1 

02 Exposure 2 

03 Exposure 3 
0* Exposure 4 






30000 35000 40000 
25000 45000 83200 
30000 55000 65000 
15000 20000 40000 




THE RANKING 


METHOD 






POTENTIAL ERRORS 




ESTIMATION OF PROBABILITY 
OF OCCURENCE AND DAMAGE 
Rank ? Rarin G 


01 Exposure 1 

02 Exposure 2 

03 Exposure 3 

04 Exposure 4 






3.800 4.200 

3.650 4.50; 

4.000 4.300 

3. 200 4. 300 



Figure 9.7 An Expected Losses Report 
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DECISION SUPPORT SYSTEM 



COST EFFECTIVENESS ANALYSIS 
FOR 

CONTROL i SECURITY OF COMPUTER SYSTEMS. 



CONTROL ACTIVITIES FOR WORK DSSTEST 

01 Control 1 

02 Control 2 

03 Control 3 

04 Control 4 



EXPOSURES FOR WORK DSSTEST 

01 Exposure 1 

02 Exposure 2 

03 Exposure 3 

04 Exposure 4 



EXPOSURE : 


01 ! 


02 : 


EFFECTIVENESS OF CONTROL atU ON EXPOSURE edi 
02 ! 04 ! 




i : 


0.600 


0.000 


0.000 


0.00) 




2 ; 


0.000 


0.000 


0.000 


0.830 




3 : 


0.000 


0. 700 


0.000 


0.000 




4 ! 


0.000 


0.000 


0. 850 


0.000 




COST a ( l ) ! 


13000 


21500 


10000 


25000 





. 



Figure 9.8 A Control Effectiveness Report 
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DECISION SUPPORT SYSTEM 



COST EFFECTIVENESS ANALYSIS 
FOR 

CONTROL & SECURITY OF COMPUTER SYSTEMS. 



WEI6HTED METHOD: CONTROL SETS FOR WORK DSSTEST 



CONTROL ACTIVITIES USED BY THE CONTROL SETS: 

01: Control l 

02: Control 2 

03: Control 3 

04: Control 4 



CONTROL ACTIVITIES 


VALLE 


COST 


EXP. COS* 


BCR 


03, 


16575 


10000 


141225 


1.63 


01, 


27200 


13000 


133600 


2.09 


02, 


33250 


21500 


136050 


1.54 


01,03, 


43775 


23000 


127025 


1.90 


04, 


38244 


25000 


133956 


1.55 


02,03, 


49825 


31500 


129475 


1.58 


01,02, 


80450 


34500 


121850 


1.75 


03, 04, 


55419 


35000 


12738! 


1.58 


01,04, 


66044 


38000 


119756 


1.73 


01,02,03, 


77025 


44500 


115275 


1. 73 


02.04, 


72094 


46500 


122206 


1.55 


01,03,04, 


82619 


48000 5 


113181 


1.72 


02,03, 04, 


88669 


56500 


115631 


1.56 


01,02,04, 


99294 


59500 


108006 


1.66 


01,02,03,04, 


115869 


69500 


101431 


1.66 



Figure 9.9 A Control Sets Report 
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The print menu is described in Figure 9.10. Before 
selecting an option, the user must make sure that the 
printer is on-line. 



EFFECTIVENESS OF CONTROL AND SECURITY OF COMPUTER SYSTEMS 



PROBLEM: DSSTEST 



ACTION: SENSITIVITY ANALYSIS / PRINT REPORTS 



PRINT REPORTS >ENU OPTIONS: 



1. HELP 

2. PRINT EXPOSURE EXPECTED LOSS TABLE 

3. PRINT CONTROL EFFECTIVENESS TABLE 

4. PRINT SET FILES 

5. RETURN TO SENSITIVITY ANALYSIS MENU 



SELECT 1,2, 3, 4 or 5 : 



Today Is: 8/19/1985 



Figure 9.10 The Print Menu 

STEP 8 : Graphics. Curves and histograms help the user 
conceptual l ze the differences among alternative control sets 
and among different statistical methods. The incompatibility 
problem of the various types of printers does not allow the 
system to make hard copies of the graphs. The user can use 
instead the CPrtSc] key of the keyboard. Each graphics 
screen contains two graphs. The upper graph depicts the 
Benefit Cost Ratio versus Cost relationship, and the lower 
graph the Total Expected Cost versus Cost. Figure 9.11 shows 
the curves for the DSSTEST problem and Figure 9.12 the 
histograms. For readability purposes, on each curve can be 
drawn up to 200 points and on each histogram up to 24 bars. 
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F igure 9.11 



Graphical Analysis using Curves 



70 





F igure 9.12 



Graphical Analysis using Histograms 








STEP 9 



The last phase of the CEA-DSS process is the 



control strategy selection. The decision maker may select 
the most effective (Figure 9.13) or the most cost effective 
control strategy (Figure 9.14) within the cost range he/she 
desires. The decision maker, helped by the reports and 
graphs, is expected to have a better opinion about the 
amount to be spent for control measures. 



j EFFECTIVENESS 


OF CONTROL AND SECURITY 0 = COMPUTER SYSTEMS 1 

| 


j PROBLEM: DSSTEST 


! ACTION: SENSITIVITY ANALYSIS / CONTROL STRATEGY i 

1 — — 1 



WEIGHTED METHOD: THE MOST EFFECTIVE SET 

CONTROL : Control 1 
CONTROL : Control 2 
CONTROL : Control 3 



Value of Control Set : 77025 

Total Expected Benefit : 32525 



Cost of Control Set 
Total Expected Cost 



Cost Benefit Ratio(BCR): 1.73 

Prior Expected Damaoe Due to Exposures: 147800 
Post Expected Damage Due to Exposures: 70775 



44500 

115275 



press anv Key. 



Tocat is: 8/ 20/ 1965- 



Figure 9.13 The most Effective Control Strategy 

The optimal solution in the problem is found when the 
selected control set is both the most effective ana the 
most cost-effective over a predefined cost range. This is 
the case for this particular example. Figures 9.13 and 9.14 
show the same control set. Under the "Most Effective" 
option, the control set with the lowest expected cost is 
selected. Under the "Most Cost-Effective" option, the set 
with the highest BCR is the most preferable. However, 
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the system does not provide any algorithm for combining 
these two options in order to indicate the optimal control 
strategy . 



EFFECTIVENESS OF 


CONTROL AND SECURITY OF COMPUTER SYSTEMS 


PROBLEM OSS TEST 


ACTION: SENSITIVITY ANALYSIS / CONTROL STRATESY 



WEIGHTED METHOD: THE MOST COST EFFECTIVE SET 

CONTROL : Control 1 
CONTROL : Control 2 
CONTROL ; Control 3 



Value of Control Set : 77025 

Total Expected Benefit : 32525 



Cost of Control Set 
Total Expected Cost 



Cost Benefit Ratio(BCR): 1.73 

Prior Expected Damage Due to Exposures: 147800 
Post Expected Damage Due to Exposures: 70775 



44500 

115275 



press any key. 



Tooay Is: 8/20/1985 



Figure 9.14 The most Cost-Effective Control Strategy 



This is the basic process for a problem creation and 
analysis. Also, the user has the opportunity to access the 
database of the system through the Database Menu. He/she may 
modify the initial data, change problem and/or delete the 
problem. If modifications take place on the data, the model 
must be executed again. The deletion of the problem erases 
any file belonging to this as well as its record in the 
directory. After that, the main menu appears on the screen 
allowing the user to select one of the "Help", "Database" 
and "Exit to DOS" options. The other options of the main 
menu are prohibited when there is no problem definition. The 
database choice after a problem deletion or changing the 
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current problem cause the previously described process to be 
repeated from the beginning. The database menu appears on 
Figure 9.15. 



EFFECTIVENESS 


OF CONTROL AND SECURITY OF COMPUTER SYSTEMS 


PROBLEM: DSSTEST 


1 


ACTION: DATABASE 




DATABASE MENU OPTIONS: 




i. 


HELP 






2. 


CHANGE 


PROBLEM ! 

j 




3. 


DELETE 


CURRENT PROBLEM J 




4. 


UPDATE 


EXPOSURE FILE j 




5. 


UPDATE 


CONTROL FILE j 




6 . 


RETURN 


l 

TO MAIN MENU j 

1 



I SELECT 1. 2, 3, 4, 5 or 6 : 2 ! Tooav Is: 8/20/1985 ! 



Figure 9.15 Database Menu 
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X. 



CONCLUSION 



The purpose of the research was to implement a DSS for 
selecting EDP control strategies. Three analytical methods 
for determining coat-effectiveness of EDP controls were 
integrated in a customized database management system. Also 
a careful user interface was designed to support user 
interactiveness with the system. 

From the user's perspective, the current version of the 
CEA-DSS is able to handle any uneven condition associated 
with data entry and process request errors. The enhancement 
of an acceptable combination of colors and sounds contribu- 
tes to the user friendliness of the system. Since the users 
have different preferences, one possible improvement should 
be to let the user define the colors and sounds he/she 
likes. The help facility also can be easily modified to 
satisfy the user needs for on-line information, as discussed 
in Appendix B. 

From the system design perspective, CEA-DSS permits the 
user to exercise virtual control over its processes. The 
database system is exclusively designed and implemented to 
serve the introduced EXPOSURE, CONTROL and SET records. It 
is expected that any future enhancements in the database 
schema will require extensive modifications and maintenance 
to be done on the database and the DBMS. The model base of 
the CEA-DSS consists of the three variances of the CEA 
model. Integration of new techniques, using the existing 
data structure, will require slight mod if ications of the 
current system. The same is true for the sensitivity 
analysis part where any additional reports, graphs and 
control strategy selection algorithms will not influence the 
system . 
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On© great inefficiency recorded during the testing 
phase is associated with the control strategy selection 
algorithm. The sample problem DSSTEST, presented in 
Chapter 9, can be considered as an extreme condition. The 
solution was recognized as the optimal one because it had 
both, the greatest Benefit Cost Ratio and the lowest Total 
Expected Cost. This is generally not the case. In reality, 
the optimal solution is found somewhere in the three 
dimensional spectrum composed of the Benefit Cost Ratio, the 
Total Expected Cost and a Scaling Relational Algorithm for 
them. It is expected that the enhancement of such an 
algorithm will dramatically improve the control strategy 
selection process. 

Another unresolved issue concerns the assignment of 
the BCR to the control sets. Control Sets consisting of 
fewer Control activities turn out to have higher BCRs. This 
is due to the nature of the algorithm that the model uses to 
compute the value of the control sets. A way to handle this 
would be to introduce in the computation of the control 
set's BCR one more parameter which will be able resolve 
these differences . 

It is recommended that the CEA-DSS built during this 
research be evaluated on real life applications. In effect, 
all data used during the testing phase of the CEA-DSS were 
chosen on a random basis. Information gathered from a real 
life computer audit process would probably contribute to 
the evaluation of current control techniques. Furthermore, 
the CEA-DSS will not only support the selection phase but 
also the evaluation and exploration phases of the computer 
audit process life cycle. 
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APPENDIX A 



MESSAGES 



INFORMAL MESSAGES : 

CREATING EXPOSURE AND CONTROL FILES 

Initiation: A new problem has been introduced by the user, 

DELETING CONTROL 
DELETING EXPOSURE 

Initiation: Request for deletion of a control or exposure 

record . 

NEW DIRECTORY 

Initiation: New drive definition, 

CONTROL "description" IS NOT EFFECTIVE 

Initiation: The cost of a control activity is greater than 
its expected value. 

PLEASE WAIT 

Initiation: Control sets generation. 

PLEASE WAIT FOR THE PREPARATION OF THE GRAPH 

Initiation: Request for graphic representation, curve or 

histogram . 
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ERROR MESSAGES: 



SYSTEM REQUIRES 2 CONTROLS AT LEAST 

SYSTEM REQUIRES 2 EXPOSURES AT LEAST 

Initiation: Request for deletion of control or exposure 

record while the file contain only two records. 

THE SYSTEM CANNOT HOLD ANOTHER EXPOSURE 

Initiation: The user attempts to add the 14th control 

activity or the 25th exposure. 

YOU MUST RUN THE MODEL FIRST 

Initiation: Request to access sensitivity analysis areas 

prior to the model execution. 

THERE IS NOT ENOUGH SPACE ON DRIVE X 

Initiation: Nonexistent drive definition or the defined 
drive does not have the appropriate space for a 
dictionary and problem creation. 

CHECK YOUR ENTRY. "HIGH" MUST BE GREATER THAN "LOW" 

Initiation: Entry of an ambiguous cost range for the 

sensitivity analysis part. 



TRIGGER MESSAGES : 

DEFINE THE DRIVE YOU WANT TO USE FOR FILES 

Initiation: CEA-DSS activation or request to change the 
current problem. 

DO YOU WISH TO DELETE THE PROBLEM ? 

Initiation: Request to delete the current problem. The 

system prompts the user to confirm. 



78 



THERE 15 ALREADY FILE FOR THAT METHOD 

Initiation: Request to rerun the model. The user can delete 
the set file only, or to proceed to model 
execution . 

CANNOT COMPUTE SETS WITHOUT EFFECTIVE CONTROLS 

CANNOT COMPUTE SETS WITH ONLY ONE EFFECTIVE CONTROL 

Initiation: Control sets generation. The user may correct 
some initial data or to abandon the current 
problem . 

THERE IS NO ANY SET WITHIN THAT RANGE 

Initiation: The cost range defined for sensitivity analysis 
is very limited. The user may widen the range. 

CANNOT MAKE GRAPH WITH LESS THAN 2 SETS 

Initiation: Request for graphics, while the defined cost 

range includes only one control set. The user 
may redefine a wider cost range. 
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APPENDIX B 
THE HELP FACILITY 

The help facility of the CEA-DSS is carried out via the 
HELP module, listed at the end of the program listing in 
Appendix C. The Help module supplies the calling menu with 
information relative to its functions. The algorithm for 
this selective retrieval of information is based on a code 
character. This character is sent to the Help module as 
parameter in the call statement, identifying the calling 
part of the program. The Help module uses this character to 
assemble the file name of the text file where the requested 
information resides . 

The advantage of keeping the help text external to the 
program is that it can be changed easily, with any editor, 
without affecting the code of the CEA-DSS. The help module 
also has the advantage of returning control to the caller 
immediately in case that the requested help, text file, is 
missing. The files of the system dedicated to the help 
facility along with their content are listed below. 

File: HELPM.TXT 

HELP FOR MAIN MENU 
UPDATE FILES OR CHANGE WORK 

This is the Database of the system. You have access to three 
files. The EXPOSURE, the CONTROL and the PROBLEM file. You 
can Add, Delete or Edit EXPOSURES and CONTROLS. You can also 
Change or Delete WORK. 

RUN THE COST EFFECTIVENESS MODEL 

Once you have updated the EXPOSURE and CONTROL files you 
can run the model. The model will create the set files 
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which will b© used after for decision making. If you chose 
the current work from the directory of the system and you 
are not going to modify the EXPOSURE and CONTROL files you 
DON'T need to run the model. 

SENSITIVITY ANALYSIS 

This is the main area of interest. It will help you to find 
out the optimal solution according to your preferences and 
budget. There are available to you graphics and print 
facilities . 

File: HELPD.TXT 

HELP FOR DATABASE MENU 

At the bottom of the frame it appears always the command 
line which prompts you to make selections by typing numbers 
or letters. 

CHANGE PROBLEM 

The directory of the system is listed and then you are 
prompted to define the problem you desire. If you choose an 
existing one, you will be switched to that immediately. If 
you create a new one, you will be asked to enter, at least, 
two EXPOSURES and two CONTROL ACTIVITIES. 

DELETE CURRENT PROBLEM 

You can only delete the current problem. If you wish to 
delete a different problem, you must change the problem 
first, and then choose from the directory the problem you 
want to delete, and delete it. You will be asked to confirm 
for the requested deletion by typing the character M ! " . 
UPDATING EXPOSURE OR CONTROL FILE 

You can A)dd, D)elete, E)dit Exposures and Controls, and 
scroll the files forwards and backwards using N)ext or 
P ) revious . 

Keep in mind that the edit mode is always in the INSERT 
MODE. 
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File: HELPO.TXT 



HELP MODEL 

You can run the model using the WEIGHTED PROBABILITY, the 
P.E.R.T method and the RANKING method. You will be prompted 
to enter the upper cost limit. If you have enough controls 
in the control file it is better to use as short cost 
ranges as possible in order to minimize the time that the 
system will require to generate the control sets. Don't 
forget that N controls may produce 2 to the Nth power 
control sets. 

If you get a message like ' NOT ENOUGH SPACE ON DRIVE X', you 
can overcome that using one of the following: 

1. If you have already run another method for that 

problem, choose that method again, and erase its set file. 

2. Change problem, choose one from the directory that you 
do not need, delete it, and then choose again the problem 
you want to work on. 

File: HELPS . TXT 

HELP FOR SENSITIVITY ANALYSIS 
CONTROL STRATEGY 

Control strategy helps you determine the optimal control 
alternative from all the possible combinations of control 
activities, or the best one, according to the cost range 
you are asked to specify. 

GRAPHICS 

You can generate curves and histograms representing the 
relations between BENEFIT COST RATIO and COST, or between 
TOTAL EXPECTED COST and COST. 

REPORTS 

You can have a hardcopy of the exposures or controls in 
tabular format, and a listing of the set files. 
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File: HELPB.TXT 

HELP FOR CONTROL STRATEGY 
MOST EFFECTIVE ALTERNATIVE 

The most effective alternative is the one that it is 
expected to minimize the total expected cost. 

MOST COST EFFECTIVE ALTERNATIVE 

The most cost effective alternative is the one that will 
return the highest benefit per dollar spent. 

File: HELPG.TXT 

HELP FOR GRAPHICS 

You can print the curves or histograms by using the CPrtSc] 
key. Be sure that your printer is ON. The system will 
switch it to the graphics mode. 

Curves and Histograms represent relations of Cost versus 
Benefit Cost Ratio and Cost versus Total Expected Cost. 

Each curve can hold up to 200 control sets to be drawn, 
and each histogram ut to 24. 

You will be asked to give the Cost Range over which the 
graph will be done. If the number of control sets within 
the selected range exceeds the above limits, the system will 
adjust the range. 

File: HELPP.TXT 

HELP FOR PRINT REPORTS 
YOUR PRINTER MUST BE ON-LINE BEFORE YOU TRY TO PRINT ANY 
REPORT 

You must have set the top of form properly and use page 
length 11 inches in order the reports to be printed 
correctly . 
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APPENDIX C 



THE PROGRAM LISTING 



<*.*»*.**************************************»»»*.»********) 



( * 






* ) 


( * 




DECISION SUPPORT SYSTEM 


*) 


< * 






* ) 


( * 


A 


COST-EFFECTIVENESS ANALYSIS 


*) 


< * 




FOR 


*) 


< * 


CONTROL 


AND SECURITY OF COMPUTER SYSTEMS 


*) 


< * 






* ) 


<* 




FILE DSS. PAS 


*) 


( * 






* > 



PROGRAM CEA-DSS; 
{ SA + , I- ,R- , V- > 



const 

<* TURBO ACCESS 
maxrecsize = 
maxdatarecsize = 
maxkeylen = 
pagesize : 
order = 
pagestacksize ; 
maxheight = 



CONSTANTS *> 
220 ; 

’ maxrecsize; 
11 ; 

: 128 ; 

64 ; 

■ 16 ; 

5 ; 



var 

noof recs 



integer ; 



<* INCLUDE FILES *) 
{ SI ACCESS . BOX } 
(SIGETKEY . BOX } 

{ SI ADDKEY . BOX } 
{SIDELKEY . BOX } 

( SITYPEDEF .SYS) 
CSIGRAPHIX.SYS) 

{ SIKERNEL . SYS } 

{ SI WINDOWS - SYS } 

{ SIHATCH . HGH } 
(SITYPEDEF. DSS) 
(SIUTILITY . BOX } 



84 



{ SI AXIS • HGH) 

(SI POLYGON . HGH) 
(SIHISTOGRM . HGH) 
{ SIMENUS . DSS } 

{ SIFORMATS . DSS } 



FIRST OVERLAY 



{ SIHELP . DSS) 



{ SI DATABASE . DSS) , 

{ SIMODEL . DSS } L SECOND OVERLAY 

{ SISENSANAL . DSS } * 



<* WAIN PROGRAM *) 

BEGIN 

textmode ; 
textcolor ( x) ; 
textbackground ( z) ; 
help ( ' I ' ) ; 
ans : = ' ' ; 

makeframe; 
putdate ; 
flag := true; 
database ; 

while ans <> '5' do 

begin 

mainmenu ; 
if flag then 

select ( ' SELECT 1,2 or 5 : \ 1' /2' Z5' 1 ,ans) 

else 

selectC 'SELECT 1,2, 3, 4 or 5 : ' , [ ' 1 ' . . ' 5 ' ] , ans ) ; 

case ans of 
' 1 ' : help('M'); 

' 2 ' : database; 

' 3 ' : model; 

'4' : sensiti vityanalysis 

end (of case) 
end; (of while] 

clrscr ; 

gotoxy (15,12) ; 

writeC'***** END OF THE DECISION SUPPORT SYSTEM **♦**') 
wait ; 

textcolor < 15) ; 
textbackground ( 0 ) ; 
clrscr 
END. 
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( 

( * 
<* 
( * 
<* 



TYPE DECLARATIONS 
FILE TYPEDEF . DSS 



>*) 
*) 
*> 
* ) 
*) 



( * *) 

(**********************************************************) 



const 



maxctrl 


= 


13; ( maximum 


maxexp 


= 


24; ( maximum 


z 


= 


0; (standard 


X 


= 


14; (standard 


f pe 


ch3et = 


set of char; 


3tr2 


= 


string C2) ; 


str5 


= 


string C5) ; 


str8 


= 


string C8) ; 


strlO 


= 


string C 10) ; 


str25 


= 


string C25) ; 


str40 


= 


string C40) ; 


str50 


= 


string C50) ; 


str80 


= 


string C80) ; 


anystr 


= 


string C255) ; 


ctr lrange 


= 0 . . maxctrl ; 


exprange 




= 0 . . maxexp ; 


exposure 


= record 


index 




: str2; 



number of control activities } 
number of exposures } 
text background) 
text color) 



description 
damage 
probability 
smallest , 
mostlikely , 
largest 
rankP , 
rankQ 
end ; 

eff 

ctrlef f 
control 
index 

description 
cost 
effect 
end ; 



str50; 
str8; 
str5 ; 



str8 ; 
str5 



array Cl . .maxexp] of string C5) 

array Cl .. maxctrl) of eff; 

record 

str2 ; 

strSO; 

str8; 

eff 
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controlmatr ix = array C 1 . . maxctr 1 3 of control 
combinationindex = array Cl . . maxctr 1 3 of str2 



setrec 

setcomb 

Vk,Lk,Ck, 

Nk,TCk 

BCR 

end; 

problemrec 

problemname 

creator 

date 

wcomb , pcomb , 
rcomb 
wtotcost , 
ptotcoat , 
rtotcost 
end; 



record 

combinationindex ; 



record 
atr8 ; 
str25; 
str 10 ; 

combinationindex ; 



str 10 



: str 10 ; 
: str5 



var 

filel, file2 
indexl , index2 
f 1 

expsr 

Ctrl 

st 

problem 
cproblem 
wcombindex , 
pcombindex , 
rcombindex , 
comb 
ce 
cc 

ctrlmatrix 
totaloss , 
totalcost , 
wtotalcost # 
ptotalcost ^ 
rtotalcost 
expno 
ans, tc 
dr 

flag 



dataf i le ; 
indexf i le ; 
file; 
exposure ; 
control ; 
setrec; 
problemrec ; 
str8; 



combinationindex ; 
ctr lef f ; 

array Cl .. maxctrl] of str8; 
controlmatr ix ; 



real ; 
integer ; 
char ; 
str2 ; 
boolean ; 
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UTILITY. BOX 



<* 
<* 
<* 
( * 
< * 
( * 
( * 
( * 
<* 



The utility box contains all 
functions which are common 
modules of the system. 



the procedures and 
ly used by all the 



*) 
*) 
*) 
* > 
* ) 
*> 
*) 
*> 
*) 



<* upcasestr converts a string to upper case »> 

function upcasestrCs : str80) : str80; 

var 

p : integer; 

begin 

for p := 1 to length(s) do 
sCp] := upcase (s [p] ) ; 

upcasestr := s; 
end ; 



(* conststr returns a string with N characters of value C*) 

function conststrCc : char; n : integer) : str80; 

var 

s : string C80] ; 

begin 

if n < 0 then 
n : = 0 ; 

s COD : = chr < n ) ; 

f i 1 1 char ( s C 1 ] , n, c ) ; 

conststr : = s ; 
end ; 



<* getvalue returns the ASCII value of a string O 

function getvalueCs : anystr) : integer; 

var 

i, total : integer; 

begin 

total := 0; 

if length(s) > 0 then 

for i : = 1 to length(s) do 

total := total + ord(copy(s,i,l) ) ; 

getvalue := total 
end ; 
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<* strtoreal returns a real number equivalent to a string *) 

function strtoreal <s : strlO) : real; 

var 

t : integer; 

r : real; 

begin 

val <s,r, t) ; 
strtoreal := r 
end ; 



<* realtostr returns a string equivalent to a real number *> 

function realtostr (r : real) : strlO; 

var 

s : string CIO]; 
begin 

f i 1 1 char ( s, sizeof < s) ,0) ; 
str < r , s ) ; 
realtostr := s 
end ; 



(* strtoint returns an integer equivalent to a string *) 

function strtointCs : str2) : integer; 

var 

i , j : integer; 

begin 

val (s, i , j ) ; 

strtoint := i 
end ; 



<* intostr returns a string equivalent to an integer *) 

function inttostr (n : integer) : str2; 

var 

s : string C2] ; 
begin 

f illchar < s , 2 , 0 ) ; 
str ( n , s) ; 
inttostr := s 
end ; 
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<* adjuststr removes any leadind spaces from a string *) 

procedure adjuststr (var s : anystr) ; 

begin 

while sCl] = ' ' do 

if s C 1 ] = ' ' then 

delete (s, 1 , 1 ) ; 

end ; 



<* the system waits for the user *) 

procedure wait; 

var 

ch : char; 
i , 3 : integer ; 

begin 

textcolor < 15) ; 

gotoxy < 2 , 23 ) ; write ( const str < ' ' , 53 ) ) ; 

gotoxy (3, 23) ; write( 'press any key,.'); 
for i : = 1 to 3 do 
begin 

3 : = sqr(random(30) )+300; 

sound ( 3 ); delay ( 300) 
end ; 

nosound ; 
read (kbd, ch) ; 
gotoxy <3 , 23) ; write(' 
textcolor ( x ) 
end ; 



(* Beep sounds the terminal bell or beeper *) 

procedure beep; 

begin 

sound(680); delay (400); nosound 
end ; 



(» inputstr is used for the entry and validation of data. 
It enables also the use of the cursor movement keys 
char-left, char-right and del. of the keyboard. *) 

procedure inputstrCvar s : anystr; 

1 , 1,3 : integer; 

term : chset; 
var tc : char ) ; 

label 
again ; 
var 

valid : set of char; 

value , 

p, n : integer; 

ch : char; 
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begin 

textbackground < 14) ; 
textcolor <0) ; 
tc : = #0; 

valid := term + C#8 , #13 , #273 ; 

again : 

gotoxy ( i , j ) ; write (a, const str ( ' ' , l-length(s) ) ) ; 

P := 0; 
repeat 

gotoxy (i+p, j ) ; read(kbd,ch) ; 
if not (ch in valid) then 
beep 
else 
begin 

if (ch in term) and <p < 1) then 
begin 

p := P + 1: 
deleteCs, 1,1); 
insert (ch , s , p) ; 
write ( copy < s , p , 1 ) ) 
end ; 

if (ch = #8) and <p >= length(s)) and <p > 0) 
begin 

delete (s , p , 1 ) ; 

P := P - i; 

gotoxy < i +p , j ) ; write( / ') 
end ; 

if (ch = #27) and keypressed then 
begin 

read (kbd , ch) ; 

if ch = ' K ' then 

begin 

if p > 0 then 

p := p - 1 

else 

beep 

end ; 



if (ch = ' M' ) and 

P : = p + l ; 


<p < 


length ( s ) ) 


then 


if (ch = ' 5' ) and 

begin 

delete (s, p+1,1) ; 


<p < 


length ( s ) ) 


then 


write (copy (s, p+1 , 


i> , ' 


' ) 





end ; 

if ch in C'H' ,'P'] then 
begin 

tc := chr(100 + ord(ch) ) ; 

p : = 1 

end 

end 

end 

until (ch = #13) or (p = 1); 



then 
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if ch = #13 then 
tc : = ch; 

value := getvalue(s); 
n : = 32 * length(s); 

if (value <= n) and (ch <> 'H') then 
begin 
beep; 
tc := #0; 
goto again 
end ; 

adjuatatr ( a) ; 
textbackground(z) ; 
textcolor (x) 
end; (inputstr) 



(* action writes on the frame the current action *> 

procedure action(s : str40) ; 

begin 

textcolor ( 2) ; 

gotoxy ( 39 , 4 ) ; write ( conststr ( ' ' , 40) ) ; 

gotoxy(39,4) ; write(s) ; 
textcolor (x) 
end ; 



procedure cl ear message ; 
begin 

gotoxy (2,12) ; write ( conststr ( ' ' , 78 ) ) 

end ; 



(* message writes a string at the center of the frame * ) 

procedure message(s : str80) ; 

var 

i : integer; 

begin 

cl ear message ; 
textbackground ( 0) ; 
textcolor ( 31 ) ; 

i := trunc( (80 - length ( s )) /2 ) ; 

gotoxy ( i , 12) ; write ( copy ( s , 1 , length ( s ) ) ) ; 

beep ; 

textbackground ( z) ; 
textcolor ( x ) 
end ; 



procedure cl ear select ; 
begin 

gotoxy (2, 23) ; write (conststr < ' ' , 53) ). 

end ; 
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(* select writes the command line at 
frame and accepts the selection 
procedure select ( prompt : str80; 

term : chset; 

var tc : char 

var 

ch : char; 
begin 

clearselect ; 
textcolor < 15 ) ; 

gotoxy <4,23) ; write < prompt ) ; 
textbackground < 30) ; 
gotoxy ( 5 + length (prompt) , 23) ; write( ' ' ) ; 

gotoxy <5-*- length (prompt) , 23) ; 
textbackground ( 2 ) ; 
textcolor ( x) ; 
repeat 

read ( kbd , ch ) ; 
tc := upcase(ch); 
if not (tc in term) then 
beep ; 

until tc in term; 
write ( tc) 
end ; 



the bottom of the 



); 



(* cleartext clears the work area of the frame * > 

procedure cleartext ; 

var 

i : integer; 

begin 

for i := 10 to 21 do 

begin 

gotoxy ( 2 , i ) ; 
write(conststr ( ' ' ,78) ) 

end 
end ; 



procedure cl ear frame ; 
var 

i : integer ; 

begin 

for i ; = 6 to 9 do 
begin 

gotoxy ( 2 , i ) ; 
wri te < const str < ' ' , 78 ) ) 

end ; 

cleartext ; 
clearselect ; 
end ; 
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8 ) ) 



procedure cl ear problem ; 
begin 

gotoxy < 13 , 4 ) ; write (conststr ( ' ', 

end ; 



<* problemf ield writes the problem description in the 
problem area ofthe frame *) 

procedure problemf ield ( s : str8) ; 

begin 

cl ear problem ; 
textcolor (2) ; 
gotoxy (13,4) ; 
write ( s) ; 
textcolor (x) 
end ; 



<* funckey helps in using the cursor movement keys 

line-up, line down, and enter of the keyboard *) 

procedure funckey (ch : char; var i : integer); 

begin 

if ch > #126 then 

ch := chr (ord (ch) -100) ; 
if ch = 'P' then 

i : = i + 1 ; 
if ch = 'H' then 

begin 

if i = 1 then 
beep 
else 

i : = i - 1 

end ; 

if ch = #13 then 

i : = i + 1 

end ; 



(* avai lablespace returns the available space(bytes) 
of the logged drive. » ) 

procedure spaces vai lable ( var totalbytes : real ); 

type 

regrec = record { register pack Used in MSDos call ) 
AX, BX, CX, DX, BP, SI, DI, DS , ES, Flags : integer 

end ; 

var 

tracks , 
drive , 
bytes , 

sectors : integer; 

regs : regrec; 

ch : char; 
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procedure diskstatus( drive : integer; var tracks, 

bytes, sectors : integer ) ; 

begin 

regs.AX := S3600; 
regs.DX := Drive; 

MSDos ( regs ); 
tracks := regs.BX; 
bytes := regs.CX; 
sectors := regs.AX 
end ; 
begin 

ch := copy (dr , 1 , 1 ) ; 
drive := ord(ch) - 64; 

diskstatusC drive, tracks, bytes, sectors ); 
totalbytes := (< sectors * bytes * 1.0 ) * tracks ) 

end ; 



procedure getdateC var date : strlO ); 
type 

regrec = record { register pack Used in MSDos call > 
AX, BX, CX, DX, BP, SI, DI, DS, ES, Flags : integer 

end ; 
var 

regs : regrec; 
mm,dd : stringC2J; 
yy : string C43 ; 

begin 

regs. ax := S2A shl 8; 
msdos ( regs ) ; 
str < regs . cx , yy ) ; 
strCregs.dx mod 256, dd); 
str (regs.dx shr 8, mm); 
date := mm + '/ '+dd+V'+yy 
end ; 



<* putdate writes the date at the lower right corner 

of the frame * ) 

procedure put date ; 
var 

date : string CIO]; 
begin 

textbackground ( 3 ) ; 
textcolor < 0) ; 
getdate ( date ) ; 
gotoxy (68, 23) ; write(date) ; 
textbackground ( 2 ) ; 
textcolor ( x ) 
end ; 



95 



(***************«******************************************) 
( * *) 

(* MENUS. D5S *) 

( * * ) 

(*********#*********##*************************************) 



overlay procedure mainmenu; 
begin 

clearf rame ; 

action < " MAIN MENU"); 

gotoxy (20, 7) ; 

write < " MAIN MENU OPTIONS:"); 
gotoxy ( 20 , 10 ) ; 
write ( " 1 . HELP"); 
gotoxy (20, 12) ; 

write < " 2 . UPDATE FILES OR CHANGE PROBLEM'); 
gotoxy <20, 14) ; 

write ( " 3 . RUN THE COST EFFECTIVENESS MODEL"); 
gotoxy (20, 16) ; 

write ( " 4 . SENSITIVITY ANALYSIS OF ALTERNATIVES"): 
gotoxy < 20 , 18 ) ; 
write ( " 5 . EXIT TO DOS"); 
end ; 



overlay procedure dbasemenu; 
begin 



clearf rame ; 
action<" DATABASE" ) ; 
gotoxy ( 26 , 7 ) ; 

write( " DATABASE MENU OPTIONS 


• / • 


gotoxy (26,10); 
write ( " 1 . HELP"); 

gotoxy (26,12); 
write ( " 2 . CHANGE 


PROBLEM' ) 


" 


gotoxy (26,14); 
write ( " 3 . DELETE 


CURRENT PROBLEM 


gotoxy (26, 16) ; 
write ( " 4 . UPDATE 


EXPOSURE 


FILE" 


gotoxy ( 26 , 18 ) ; 
write ( " 5 . UPDATE 


CONTROL 


FILE" 


gotoxy ( 26 , 20 ) ; 
write ( " 6 . RETURN 


TO MAIN 


MENU" 



end ; 



96 



overlay procedure modelmenu; 
begin 

clearf rame ; 
action < ' MODEL ' ) ; 
gotoxy ( 25 , 7 ) ; 

write C ' MODEL MENU OPTIONS:'); 



gotoxy (25, 10) ; 
write ( ' 1 . HELP'); 
gotoxy <25, 12) ; 
write ( ' 2 • RUN THE 
gotoxy <25, 14) ; 
write ( ' 3 . RUN THE 
gotoxy <25 , 16 ) ; 
write < ' 4 . RUN THE 
gotoxy < 25 , 18 ) ; 
write<'5. RUN ALL 
gotoxy <25,20) ; 
write < ' 6 . RETURN TO 



WEIGHTED METHOD' ) 
P.E.R.T METHOD') 
RANKING METHOD') 
THE METHODS'); 
MAIN MENU'); 



overlay procedure sensanalmenu ; 
begin 

clearf rame ; 

action< 'SENSITIVITY ANALYSIS'); 
gotoxy < 28 , 7 ) ; 

wr ite <' SENSITIVITY ANALYSIS MENU OPTION 
gotoxy < 28 , 10 ) ; 
write < ' 1 . HELP'); 
gotoxy <28, 12) ; 

write < ' 2 . FIND CONTROL STRATEGY'); 
gotoxy < 28 , 14 ) ; 

write < ' 3 - GENERATE GRAPHICS'); 
gotoxy < 28 , 16 ) ; 

write < ' 4 . PRINT REPORTS'); 
gotoxy <28, 18) ; 

write < ' 5 . RETURN TO MAIN MENU'); 
end ; 
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overlay procedure controlstrategymenu ; 
begin 

clearf rame; 

action ('SENSITIVITY ANALYSIS / CONTROL STRATEGY " ) ; 
gotoxy (15, 7 ) ; 

write ( " CONTROL STRATEGY MENU OPTIONS : " ) ; 
gotoxy (15,10) ; 
write ( " 1 . HELP"); 
gotoxy (15,13) ; 

write ( " 2 . FIND THE MOST EFFECTIVE CONTROL SET") 
gotoxy (15,16); 

write ( " 3 . FIND THE MOST COST EFFECTIVE CONTROL" 

" SET"); 

gotoxy (15,19) ; 

write ( " 4 . RETURN TO SENSITIVITY ANALYSIS MENU") 

end ; 



overlay procedure graphicsmenu ; 
begin 

clearf rame ; 

action( "SENSITIVITY ANALYSIS / GRAPHICS"); 
gotoxy ( 21 , 7 ) ; 

write( "GRAPHICS MENU OPTIONS:"); 
gotoxy (21 , 10) ; 
write ( " 1 . HELP"); 
gotoxy (21,13); 

write ( " 2 . DRAW REPRESENTATIVE CURVES'); 
gotoxy (21,16); 

write ( " 3 . DRAW REPRESENTATIVE HISTOGRAMS'); 
gotoxy (21,19) ; 

write ( " 4 . RETURN TO SENSITIVITY ANALYSIS MENU"); 
end ; 



overlay procedure printmenu; 
begin 

clearf rame ; 

action( "SENSITIVITY ANALYSIS / PRINT REPORTS'); 
gotoxy ( 19 , 7 ) ; 

wnte( "PRINT REPORTS MENU OPTIONS:'); 
gotoxy (19,10) ; 
write ( " 1 . HELP"); 
gotoxy (19,12) ; 

write ( " 2 . PRINT EXPOSURE EXPECTED LOSS TABLE") 
gotoxy (19,14) ; 

write ( " 3 . PRINT CONTROL EFFECTIVENESS TABLE'); 
gotoxy (19,16) ; 

write ( ' 4 • PRINT SET FILES'); 
gotoxy ( 19 , 18 ) ; 

write ( " 5 . RETURN TO SENSITIVITY ANALYSIS MENU") 
end ; 
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(A*********************************************************) 



( * * ) 

O FORMATS D 5 S *) 

( * * ) 

<**********************************************************) 



(* makeframe writes the frame of the system along 
the identification of each area 
procedure makef rame ; 
var 



i : integer; 

begin 

clrscr ; 
gotoxy ( 1,1) 

gotoxy (80, 1 ) 
gotoxyC 2,1) 
gotoxy< 1,2) 
gotoxy ( 80 , 2 ) 
gotoxy< 1,3) 
gotoxy ( 80 , 3 ) 
gotoxyC 2,3) 
gotoxy ( 25 , 3 ) 
gotoxyC 1,4) 
gotoxy C 25 , 4 ) 
gotoxy ( 80 , 4 ) 
gotoxyC 1,5) 
gotoxy ( 80 , 5 ) 
gotoxyC 2,5) 
gotoxy ( 25 , 5 ) 



wr ite C chr C 201 ) ) ; 

write (chr(187) ) ; 

write C conststr C chr C 205 ) ,78) ) ; 

writeCchr C 186) ) ; 

wr ite Cchr C 186) ) ; 

write ( chr C 204 ) ) ; 

write (chr ( 185) ) ; 

write ( conststr C chr C 205 ) ,78) ) ; 

wr ite C chr ( 203) ) ; 

write (chr ( 186) ) ; 

write Cchr ( 186) ) ; 

wr ite ( chr ( 186 ) ) ; 

write Cchr ( 204 ) ) ; 

write (chr C 185) ) ; 

wr ite C conststr C chr C 205 ) , 78 ) ) ; 

write (chr C 202) ) ; 



with 

*) 



for i := 6 to 21 do 
begin 

gotoxyC l,i); wr i te ( chr ( 186 ) ) ; 
gotoxy(80,i) ; write (chr(186) ) 
end ; 



gotoxyC 1, 
gotoxy C 80 , 
gotoxyC 2, 
gotoxy C 55, 
gotoxyC 1, 
gotoxy C 55 , 
gotoxy C 80 , 
gotoxyC 1, 
gotoxy C 80 , 
gotoxyC 2, 
gotoxy (55 , 
textcolor C 



22) ; 


write 


22) ; 


write 


22) ; 


write 


22) ; 


write 


23) ; 


write 


23) ; 


write 


23) ; 


write 


24) ; 


write 


24) ; 


write 


24) ; 


write 


24) ; 


write 


3) ; 





Cchr (204) ) 
Cchr ( 185) ) 
C conststr C 
Cchr (203) ) 
Cchr ( 186) ) 
Cchr C 186) ) 
Cchr (186) ) 
Cchr (200) ) 
Cchr (188) ) 
C conststr ( 
(chr (202) ) 



chr (205) ,78) ) 



chr (205) ,78) ) 
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gotoxy <8, 2) ; 

write ( ' EFFECTIVENESS OF CONTROL AND SECURITY OF' , 

' COMPUTER SYSTEMS') 

gotoxy ( 4, 4); wr ite (' PROBLEM :') ; 

gotoxy(31, 4); wr ite (' ACTION :') ; 

gotoxy (58,23) ; wri te (' Today Is:'); textcolor(x) 
end ; 



<* exposureform writes the field descriptions for the 
exposure record and one table which helps the user 
to fill the fields of the ranking method. It is 
used by the database for updating exposures. *) 

procedure exposureform ; 
begin 



clearf rame; 
gotoxy ( 3, S) 
gotoxy (16, 6) 
gotoxyC 5, 8) 
gotoxy(15, 8) 
gotoxy(36, 8) 
gotoxy ( 5,10) 



) 



) 



gotoxy (15,10) 
gotoxy (36, 10) 
gotoxy (60, 10) 
gotoxy( 5,12) 
gotoxy (15,12) 
gotoxy (36, 12) 
textcolor ( 7 ) ; 
write('Rank P 
gotoxy (45,13) 
write('Rank Q 
gotoxy ( 8,14); 
write ( ' 0 virtual ly 
gotoxy ( 48 , 14 ) ; 
wr ite ( ' 0 negligible' ) 

gotoxy ( 8,15); 
write ( ' 1 might 
gotoxy (48,15); 
write ( ' 1 about 
gotoxy ( 8,16); 
write ( ' 2 might 
gotoxy (48, 16) ; 
write ( ' 2 about 
gotoxy ( 8,17); 
write ( ' 3 might 
gotoxy ( 48 , 17 ) ; 
write('3 about 
gotoxy ( 8,18); 
write ( ' 4 might 
gotoxy ( 48 , 18 ) ; 
write('4 about 



write ( ' Index : ' ) ; 
write( 'Description: 
write( 'WEIGHTED: ' ) ; 
write ( ' Damage : S ' ) ; 
write ( ' Probability : 
write ( 'P.E.R.T: ' ) ; 
write ( ' Smallest : S ' ) ; 
write ( ' Most LikelyJS' ) 
write ( ' Largest : S ' ) ; 
write( 'RANKS: ' ) ; 
write('Rank P:'); 
write('Rank Q:'); 
gotoxy ( 5,13); 

Damage caused by error' 



) 



Damage caused by failure'); 
impossible' ) ; 

' ) ; 

happen once in 400 years' ) 
S10' ) ; 

happen once in 40 years' ) 
S100' ) ; 



happen once in 
SI ,000' ) ; 
happen once in 
310,000' ) ; 



4 years' ) 



100 days') 



100 



10 



days' ) ; 



gotoxy ( 8,19); 

writeC'5 might happen once in 
gotoxy < 48 , 19 ) ; 

write('5 about 3100,000'); 

gotoxy ( 8,20) ; 

write('6 might happen once in 1 
gotoxy ( 48, 20) ; 

write('6 about * 31,000,000'); 
gotoxy ( 8,21); 

write('7 might happen ten times a 
gotoxy ( 48 , 21 ) ; 

write('7 over 31,000,000'); 

textcolor ( x ) 
end ; 



day' ) ; 



day' ) ; 



(* exposuref ields gives in inversed video the fields 
to be filled for the exposure record 
procedure exposuref ields ; 
begin 

gotoxy(9,6); write(' '); 
textbackground ( 14 ) ; 
textcolor (0) ; 



gotoxy(28, 6) 
gotoxy(23, 8) 
gotoxy (48, 8) 
gotoxy (25,10) 
gotoxy (49,10) 
gotoxy (69, 10) 
gotoxy (22,12) 
gotoxy (43,12) 
textbackground (z) 
textcolor (x) 
end ; 



write ( conststr ( 
write ( conststr ( 
write ( ' 0 . ' ) ; 
wr ite ( conststr ( 
write (conststr ( 
wri te ( conststr ( 
wr i te ( ' . ' ) ; 
write ( ' . ' ) ; 



,50) ) 
, 8 )); 

, 8 ) ) ; 
, 8 ) ) ; 
, 8 ) ) ; 



* ) 



(* controlform writes the field descriptions for the 
control record. The number of its fields depends on 
the number of exposures. It is used by the database 
for updating controls. *) 

procedure controlform( var expno : integer); 

var 

i : integer; 

begin 

clear frame ; 

gotoxy ( 3, 7); wr i te (' Index :') ; 
gotoxy ( 16, 7) ; write( ' Description : ' ) ; 
gotoxy(22, 8); wr i te ( ' Cost : 3 ' ) ; 
for i := 1 to expno do 
begin 

if i <= 12 then 
gotoxy ( 3, 9+i ) 
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else 

gotoxy <43, i-3) ; 

wr ite <' Effectiveness on Exposure ',i:2,':') 
end; (of for) 
end ; 



<* controlf ields gives the fields to be filled 

for the control record in inversed video *) 

procedure controlf ields < expno : integer); 

var 

i : integer; 
begin 

gotoxy<9,7); writeC' '); 
textbcickground (14) ; 
textcolor(O) ; 

gotoxy<28, 7); wr i te < conststr < ' ',50)); 

gotoxy(28, 8); wr ite < conststr < ' ',8)); 

for i : = 1 to expno do 
begin 

if i <= 12 then 
gotoxy ( 33, 9 + i ) 
else 

gotoxy <73, i-3) ; 
write < ' 0 . '); 

end; (of for) 
textbackground(z) ; 
textcolor <x) 
end ; 
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( A********************************************************** ) 



( » * ) 

<* DATABASE. DSS *> 

( * * ) 

<* This is the database of the system and performs all *) 

(* the functions contained in the dbasemenu. ») 



(it*********************************************************) 



overlay procedure database; 
label 

cancel ; 
var 

ans : char; 
next : integer; 

(* makeproblem creates the control and exposure files 
for each new problem and puts the problem description 
in the problem area of the frame. *) 

overlay procedure makeproblem ( s : str8) ; 
begin 

clearf rame; 
problemf ield (s) ; 
action ('NEW PROBLEM'); 

message ( 'CREATING EXPOSURE AND CONTROL FILES'); 
delay ( 2000 ) ; 

makef ile(f ilel ,dr+s+ ' .dxp' , sizeof (expsr ) ) ; 
make index < indexl ,dr + s+' . ixp ' , sizeof ( expsr . index ) , 0 ) ; 
closef i le ( f i lei ) ; 
close! ndex < indexl ) ; 

makef ile(filel,dr + s*»-' . del ' , sizeof ( ctr 1 ) ) ; 
make index < indexl , dr+s+ ' . icl ' , sizeof (Ctrl .index) ,0) ; 
closef ile(f ilel ) ; 
closeindex ( indexl ) ; 
end ; 



(* deleteproblem deletes all the files referred to the 
current problem, removes its description from the 
problem area and removes also the record referred to 
that from the directory of the system. *) 

overlay procedure deleteproblem ( s : str8 ) ; 
var 

i : integer; 

begin 

cl ear message ; 
clearselect ; 

action (' DELETING PROBLEM'); 
assign(fl,dr+s+' .dxp' ) ; 
erase ( f 1 ) ; 
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assign (fl,dr+s+' . ixp' ) ; 
erase (£1 ) ; 

assign(fl,dr+s+' .del' ) ; 
erase ( £1 ) ; 

assign (£1 , dr + s + ' . icl ' ) ; 
erase (£1 ) ; 

openf ile(filel,dr+s+' . wdt ' , sizeof (st ) ) ; 

i£ ok then 

begin 

c lose£i le ( £i lei ) ; 
assign(£l,drta+ / .wdt' ) ; 
erase (£1 ) ; 

assign(£l,dr+s+' . wic ' ) ; 
erase ( £1 ) 
end ; 

openf ile(filel,dr+s+' . pdt ' , sizeof < st ) ) ; 

if ok then 

begin 

closef ile (filel) ; 
assign ( £1 , dr+s+ ' . pdt ' ) ; 
erase ( £1 ) ; 

assign (fl , dr +s+ ' -pic' ); 
erase ( £1 ) 
end ; 

openf ile(filel,dr+s+' . rdt ' , sizeof (st ) ) ; 

if ok then 

begin 

closefi le (£i lei ) ; 
assign(£l # dr+s+ / .rdt' ) ; 
erase ( £1 ) ; 

assignCfl, dr+s+ ' . r ic ' ) ; 
erase ( £1 ) 
end ; 



(* delete the directory of the current drive if it 

does not contain onother problem *) 

openfileCf i le2 ,dr+'problem.dta' , sizeof (problem ) ) ; 
if usedrecs ( £i le2) > 1 then 
begin 

ini t index ; 

open index ( index2 ,dr+' problem . idx ' , sizeof ( cproblem ) , 0 ) 
deletekey ( index2 ,i,s); 
deleterec(£ ile2, i ) ; 
closefi le ( £i le2 ) ; 
close index ( index2) 
end 
else 
begin 

closef i le ( f i le2 ) ; 

assign (fl,dr+' problem . dta ' ) ; 

erase ( £1 ) ; 

assign (fl,dr+'problem.idx' ) ; 
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eras© < f 1 > 
end ; 

clearproblem 

end; 



<* updatecontrol adds, deletes, edits and scrolls 

the file of the controls data. *) 

overlay procedure updatecontrol < cproblem : str8; 

expno : integer ) ; 

label 

cancel ; 
var 

rn,i,t : integer; 

idx : string C 2 D ; 

ans : char; 



<* writecontrol writes the content of a control 
on the input/output control form, 
procedure writecontrol (Ctrl : control; expno 

var 

i : integer; 

begin 

controlf ields (expno) ; 
with Ctrl do 
begin 

gotoxy<9, 7); wr ite < index ) ; 
textbackground ( 14 ) ; 
textcolor (0) ; 

gotoxy(28, 7); wr l te ( descr l pt ion > ; 
gotoxy(28, 8); write(cost); 
for i : = 1 to expno do 
begin 

if i <= 12 then 
gotoxy ( 33 , 9 + i ) 
else 

gotoxy (73, i-3) ; 
wri te ( ef f ect [ i ] ) 
end 
end ; 

textbackground ( z ) ; 
textcolor ( x ) 
end; 



record 

* ) 

: integer) 
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<» IOcontrol reads input data from the screen. It is 
used for adding and editing controls. *) 

procedure IOcontrol ( var Ctrl : control; 

ch : char; 

expno : integer ) ; 

var 



tc 


• 

m 


char; 


i , j , n, ti 


m 

• 


integer; 


tl 


• 

• 


string C2] 


t2 


• 

• 


string C3] 


s 


• 

• 


chset ; 



begin 

f i 11 char < tl ,aizeof ( tl ) , 0) ; 

tl := ' Q . ' ; 

s := C# 48. .#57] ; 

n : = 2 + expno; 

tc : = ' ' ; 

with Ctrl do 

while tc <> 'Y' do 

begin 

i := 1; 
case ch of 
'A' : begin 

fillcharC Ctrl , sizeof (Ctrl ) , 0) ; 
controlf ields (expno) ; 

index : = inttostr ( usedrecs (filel)+l) ; 
if length ( index) = 1 then 
insert ( ' 0' , index, 1 ) ; 
gotoxy(9,7) ; write(index) 
end ; 

' E ' : begin 

writecontrol (ctrl , expno) ; 
if next = 2 then 
i : = expno+2 



end 

end; (of case) 
repeat 

case i of 

1 : inputstr ( descr i pt ion , 50 , 23 , 7 , 

C #32 • .#126] , tc) ; 



2 : inputstr(coat,8,28,8,s,t c) ; 

3 . . 14 : begin 

fillchar(t2, sizeof (t2) ,0) ; 
t2 := copy (effect Ci-2J ,3,5) ; 
inputstr ( t2 , 3 , 35 , 7 + i , s , t c ) 
end ; 



15 . . 26 : begin 

fillchar(t2,sizeof (t2) ,0) ; 
t2 := copy ( ef f ect C i-2] # 3 , 5 ) ; 
inputstr (t2,3,75,i-5,s,tc) 
end 

end; (of case) 
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if i > 2 then 
begin 

if ( length ( t2) < 3> and <length(t2) > 0) then 

for j := length ( t2 )+ 1 to 3 do 
insert ( ' 0' , t2 , j > ; 
effect Ci-2] : = tl «*■ t2 

end ; 

ti : = i ; 
f unckey (tc, i > ; 

if (ti = i > and (chr (ord (tc) -100) <> ' H ' ) then 

i : = i + 1 
until i > n; 

select ( ' IS RECORD CORRECT ( Y/N ) ? 

I'Y' ,'y' ,'N' ,'n'l ,tc) ; 

clearselect 
end (of while) 
end ; 



(* deletecontrol deletes the current control record, 
if there are more than two controls in the file, 
on the screen and adjusts the index of all the 
successor records in the file. *) 

procedure deletecontrol ( s : str8; idx : str2 ); 
var 

i,t,rn : integer; 

tc : char; 

tdx : string C 2 3 ; 

begin 

clearframe ; 

if usedrecs ( f i lei ) = 2 then 

begin 

messageC 'SYSTEM REQUIRES 2 CONTROLS AT LEAST'); 
wait 
end 
else 
begin 

messageC'****** DELETING CONTROL ' +idx+' ******'); 

deletekey ( indexl , rn, idx) ; 
deleterecCf ilel , rn) ; 
t := strtoint ( idx ) ; 

if t <= usedrecs ( f i lei ) then 

with Ctrl do 

begin 

f illchar <tdx,sizeof (tdx) ,0) ; 
tdx := inttostr ( t ♦ 1 ) ; 
if length(tdx) = 1 then 
insert ('0' , tdx , 1 ) ; 
f indkey ( indexl , rn , tdx ) ; 



107 



1 



repeat 

getrec (filel,rn,ctrl) ; 
t := strtoint ( index) - 
index := inttostr(t); 
if length ( index) = 1 then 
insert < ' 0 ' „ index , 1 ) ; 
putrec ( f ilel , rn , Ctrl ) ; 
deletekey ( indexl , rn , tdx) ; 
addkey ( indexl f rn , index) ; 
next key < indexl ,rn, tdx) 
until not ok; 
closeindex ( indexl ) ; 
ini tindex ; 

open index < indexl , cproblem+ ' . icl ' , sizeof ( index) , 0) 
end (of if/with) 
end (of else) 
end ; 



begin (of updatecontrol ) 
controlf orm (expno) ; 
initindex ; 

openf ileCfilel, dr problem* ' . del ' , sizeof ( ctr 1 ) ) ; 

open index < indexl , dr + cproblem+ ' .icr , sizeof < Ctrl .index ) , 0) 

f illchar < idx, sizeof < idx) ,0) ; 

fillcharCctrl , sizeof (ctrl) , 0) ; 

clearkey ( indexl ) ; 

if next <> 1 then 

begin 

next key < indexl ,rn,idx); 

if ok then 

begin 

getrecCf ilel , rn , ctrl ) ; 
wr itecontrol ( ctrl , expno ) 
end 

else goto cancel 
end ; 

ans : = ' ' ; 

with ctrl do 
while ans <> 'Q' do 

begin 

action ( ' UPDATE CONTROLS' ) ; 
if next = 2 then 
ans : = ' E ' 

else 
begin 

f lag : = false ; 

if usedrecs ( f i lei ) >= 2 then 

begin 

select (' A ) dd , D)elete, E)dit, N)ext, P>revious 

'or Q)uit:',['A','D','E','N','P','a'] ,ans) ; 
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clearselect 

end 

else 

ans : = ' A ' 

end ; 

/ 

case ans of 
'A' : begin 

action ('ADD CONTROL '); 

if usedrecs ( f i lei ) = maxctrl 

begin 

clear frame ; 

message ( ' THE SYSTEM CANNOT 
wait ; 

goto cancel 
end ; 

IOcontrol (Ctrl , ' A' , expno) ; 
addrec(filel,rn,ctrl) ; 
addkey ( indexl , rn , index) ; 
idx := index; 
f indkey ( indexl ,rn, idx) 
end ; 

'D' : begin 

action ( 'DELETE CONTROL '); 
deletecontrol (cproblem, idx) ; 
controlf orm ( expno) ; 
i := strtoint ( idx ) ; 
clearkey ( indexl ) ; 
if i <= usedrecs(f ilel ) then 
f indkey (indexl, rn, idx) 
else 
repeat 

next key ( indexl ,rn , idx) 
until ok 
end ; 

'E' : begin 

action ( ' EDIT CONTROL'); 
getrec (f ilel,rn f Ctrl ) ; 
IOcontrol (ctrl, 'E' , expno) : 
putrec(filel,rn, Ctrl ) 
end ; 

'N' : repeat 

nextkey (Indexl ,rn, idx) 
until ok; 

'P' : repeat 

prevkey (indexl ,rn, idx) 
until ok 
end; (of case) 



then 

HOLD ANOTHER 
' CONTROL') 
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if ans in C ' D' , ' N ' , ' P' 3 then 
begin 

getrec(filel,rn,ctrl) ; 
wr itecontrol (ctrl,expno) 
end ; 

if next = 2 then 
begin 

next key ( indexl ,rn, idx ) ; 
if not ok then 
begin 

next := 0; 
ans := 'Q' 
end 
end 

end; (of with/while) 
cancel : closef ile(filel) ; 

closeindex < indexl ) ; 



end ; 



(* updatexposure adds, deletes, edits and scrolls 

the file of the exposures data. * ) 

overlay procedure updatexposure ( cproblem : str8 

var expno : inteqer > 

label 

cancel ; 
var 

rn , i , t : integer; 

idx : string C2] ; 

ans : char; 



(* writexposure writes the content of 
on the input/output exposure form, 
procedure wr i texposure C expsr : exposure 



begin 

exposuref ields ; 
with expsr do 
begin 

gotoxy C 9 , 6 ) ; 
text background 
textcolor ( 0 ) ; 
gotoxy < 28 , 6 ) ; 
gotoxy ( 23 , 8 ) ; 

gotoxy (48 , 8) ; 

gotoxy < 25 , 10 ) ; 
gotoxy ( 49 , 10 ) ; 
gotoxy < 69 , 10 ) ; 



rite ( index ) ; 

14) ; 

write (description ) ; 
wr i te ( damage ) ; 
write (probabi lity) ; 
write(smallest) ; 
write (mostlikely) ; 
write ( largest ) ; 



an 
) ; 



exposure record 



* 
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gotoxy (22, 12) ; write(rankP) ; 
gotoxy < 43 , 12) ; write < rankQ) 
end; (of with) 
textbackground(z) ; 
textcolor ( x) 
end ; 



(* IOexposure reads input data from the screen 
used for adding and editing exposures. 



procedure 

var 

tc 

tl : 

t2 

i, 3 ,ti : 



IOexposure (var expsr 
char ; 

string C 1) ; 
string C3J ; 
integer ; 



exposure ; 



It is 

* ) 

ch : char ) ; 



begin 

i : = l ; 

tc := #0; 

with expsr do 

while tc <> 'Y' do 

begin 

i : = 1 ; 
case ch of 
'A' : begin 

f illchar (expsr , sizeof (expsr) ,0) ; 
exposuref ields; 

index : = inttostr ( usedrecs (filel) >1) ; 
if length ( index) = 1 then 
insert ( ' 0' , index , 1 ) ; 
gotoxy (9,6) ; write(index) 
end ; 

'E' : wri texposure ( expsr ) ; 

end; (of case) 



repeat 

case i of 

1 : inputstr ( description , 50 ,28,6, C #32 . . # 1 2b] . tc > ; 

2 : inputstr(damage,8,23,8, (#48. .#57] ,tc) ; 

3 : begin 

fillchar( t2 , sizeof ( t2 ) , 0 ) : 
t2 := copy ( probabi 1 i ty , 3 , 3 ) ; 
inputstr(t2,3, 50 , 8 , (#48. .#57] ,tc) ; 
if (length(t2) < 3) and (length(t2) > 0) then 

for j := length(t2)+l to 3 do 
insert ('0',t2,j> ; 
probability := '0.' + t2; 

end ; 
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inputstr < smallest ,8,25,10, C#48 . . #573 , tc ) ; 



5 : inputstr (mostlikely, 8, 49, 10, C#48. .#573 

6 : inputstr < largest ,8,69,10, [#48 . . #573 , tc ) ; 

7 : begin 

f i 1 1 char ( tl , sizeof ( tl ) , 0 ) ; 
f illchar <t 2 ,sizeof <t 2 > , 0 ) ; 
tl := copy ( rankP , 1 , 1 ) ; 
t2 := copy (rankP, 3, 3) ; 
inputstr (tl, 1, 22 , 12 , [#48. .#573 , tc) ; 
inputstr < t2 , 3 , 24 ,12, C#48. .#573 ,tc); 
if ( length ( t2 ) < 3) and Clength(t2) > 0) 

for 3 := length ( t2> +1 to 3 do 

insert ( ' O' , t 2 , j ) ; 
rankP : « tl + ' . ' + t2 

end ; 

8 : begin 

f i 1 1 char ( tl , sizeof ( t 1 ) , 0 ) ; 
f illchar (t 2 , sizeof <t2) , 0 ) ; 
tl := copy ( rankQ , 1 , 1 ) ; 
t2 := copy (rankQ, 3, 3) ; 
inputstr (tl, 1,43,12, [#48. .#573 , tc ) ; 
inputstr (t2,3,45,12, [#48. .#573 ,tc) ; 
if (length(t2) < 3) and (length(t2) > 0 ) 
for j := length ( t2) +1 to 3 do 
insert ( '0' , t2 , j ) ; 
rankQ : = tl + ' . ' + t2 

end 

end; (of case) 

ti : = i ; 
f unckey ( tc , i ) ; 

if (ti = i) and ( chr c ord ( tc ; - 100 ) <> 'H') 

i : = i + 1 
until i > 8 ; 

select (' IS RECORD CORRECT ( Y / N ) ? 

I'Y' ,' y' , ' N' , ' n' 3 ,tc) ; 

clearselect 
end: (of while) 

end ; 



tc) ; 



then 



then 



then 
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(* deletexposure deletes the current control record 
on the screen, if there are more than two exposures 
in the exposure file and adjusts the index of all 
the successor records. Then it opens the control 
file and removes from all the control records the 
reference to the deleted exposure. *> 

procedure deletexposure < cproblem : str8; idx : str2 ) 

var 

i , rn, usdr , 

t, recno : integer; 

tc : char; 

tdx : string C23 ; 

begin 

clearf rame ; 

usdr := usedrecs (f ilel ) ; 
if usdr = 2 then 
begin 

message ( ' SYSTEM REQUIRES 2 EXPOSURES AT LEAST' ) 
wait 
end 
else 
begin 

message ('***»** DELETING EXPOSURE '*idx+' * * * * * * ' ) 

deletekey (indexl, rn, idx) ; 

deleterec ( f i lei , rn ) ; 

recno := strtoi nt ( idx ) ; 

usdr != usedr ecs ( f i lei ) ; 

if recno <= usdr then 

with expsr do 

begin 

f illchar ( tdx,sizeof (tdx) , 0 > ; 
tdx := mttostr < recno+ 1 ) ; 
if length(tdx) = 1 then 
msert( / 0' , tdx , 1 ) ; 
f indkey ( indexi , rn , tdx ) ; 
repeat 

getrec (filel,rn, expsr ) ; 
t := strtoint ( index ) - 1; 

index := inttostr(t); 
if length ( index ) = 1 then 

insert ( 'O' , index, 1) ; 
putr ec (filel,rn, expsr) ; 
deletekey (indexi , rn , tdx ) ; 
add key < indexi , rn , index ) ; 
nextkey ( indexi , rn,tdx) 
until not ok 
end; (of if /with) 
closef ile(filel) ; 
closemdex(indexl) ; 
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with Ctrl do 
begin 

ini t index ; 

openf ile(filel, dr + cprobl©m+ ' . del ' , si zeof ( Ctrl ) ) ; 
open i ndex ( index 1 , dr+cproblem+ ' .icT , si zeof (index ) , 0 ) 
clearkey ( indexl ) ; 
repeat 

nextkey ( indexl , rn , tdx ) ; 

if ok then 

begin 

getrec ( fi lei , rn , Ctrl ) ; 

for i := recno to usdr do 

begin 

effectCi] := effectti+1]; 
end; (of for) 

f i 1 1 char ( effect C i + 1 ] ,b, 0 ) ; 
putrec ( f i lei , rn , Ctrl ) ; 
end 

until not ok; 
closef ile(filel) ; 
close index < indexl ) 
end; (of with) 
ini tindex; 

openf i le ( f i lei , dr + cproblem * ' . dxp' , si zeof ( expsr > ) ; 
open index (indexl, dr+cproblem+ ' . ixp' , 

si zeof (expsr. index) , 0 ) ; 

end (of else) 
end ; 



begin (of updatexposure) 
exposuref orm ; 
i ni t index ; 

openfile(filel, dr + cproblem-*-' . dxp ' , si zeof ( expsr > ) ; 
expno := usedrecs ( f i lei ) ; 
openindex(indexl,dr+cproblem+ / . ixp' , 

s izeof ( expsr . index) , 0 ) ; 
fillchar(idx, si zeof ( idx ) , 0 ) ; 
f i 1 lchar (expsr , si zeof (expsr ) , 0 ) ; 
clearkey ( i ndexl ) ; 
if next <> 1 then 

beg i n 

nextkey ( indexl ,rn, idx ) ; 

if ok then 

begin 

getr ec ( f i lei , rn , expsr ) ; 
writexposure( expsr ) 
end 

else goto cancel 
end ; 

ans : = ' ' ; 
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with expsr do 
while ana <> 'Q' do 
begin 

action ( ' UPDATE EXPOSURES'); 
if usedrecs ( f i lei ) >= 2 then 

begin 

select <' A)dd, D)elete, E)dit, N)ext, P)revious ', 
'or Q ) ui t : ' , C'A','D','E','N','P','Q'] ,ans) ; 
clearselect 
end 
else 

ana : = ' A ' ; 



case 

'A' 



'D' 



' E ' 



' N' 



ana of 
: begin 

action ( ' ADD EXPOSURE'); 

if usedrecs < f i lei ) = maxexp then 

begin 

clearf rame ; 

message( ' THE SYSTEM CANNOT HOLD ANOTHER ' 

' EXPOSURE' ) 

wait ; 

goto cancel 
end ; 

IOexposure ( expsr , 'A' ) ; 
addrec ( f i lei , rn , expsr ) ; 
addkey ( index 1 , rn , index) ; 
idx : = index ; 
f indkey ( indexl ,rn, idx ) 
end ; 

: begin 

action < ' DELETE EXPOSURE'); 
deletexposure < cproblem , idx) ; 
exposuref orm ; 
i := strtoint C idx ) ; 
clearkey ( indexl ) ; 
if i <= usedrecs ( f i lei ) then 
findkey(indexl,rn, idx) 
else 
repeat 

next key ( indexl ,rn, idx) 
until ok 
end ; 

: begin 

action ( 'EDIT EXPOSURE'); 
getrec (filel,rn, expsr) ; 

IOexposure ( expsr , ' E ' ) ; 
putrec <filel,rn, expsr ) 
end ; 

: repeat 

next key < indexl ,rn, idx ) 
until ok; 
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'P' : repeat 

prevkey < indexl ,rn, idx ) 
until ok 
end; (of case) 

if (ana in C / D'/N , /P / ]) then 
begin 

getrec (filel,rn, expsr ) ; 
writ exposure < expsr ) 
end (of if) 

end; (of with/while) 
t := usedrecs ( f i lei ) ; 
if expno < t then 
begin 

expno := t; 
next : = 2 
end 
else 

next := 0; 
expno := t; 

cancel : closef ile(filel) ; 

closeindex ( indexl ) ; 

end ; 



(* get directory asks the user to define the drive he/sh 
wants to use, writes directory in the work area an 
asks for a problem description. *) 

overlay procedure getdirector y ; 
label 

cancel ; 
var 



i * 3 > 


number : integer; 


tby 


: real ; 


ch 


; char; 


idx 


; string [23 



begin 

cl ear problem ; 
clearf rame ; 

message( ' DEFINE THE DRIVE YOU WANT TO USE FOR FILES'); 
gotoxy (16,16) ; 

write < ' IT IS BETTER THE D5S TO BE ON A DIFFERENT DRIVE'); 
gotoxy (16,18); 

write ( ' DO NOT USE THE LETTER C IF THERE IS NO HARD DISK'); 

select ( 'DRIVE A,B,C,D,E or F C#65 .. #70 , #97 102J , ch ) ; 

f illchar (dr, sizeof ( dr ) , 0 ) ; 

dr := ch + ' : ' ; 

clearf rame ; 

action ( 'DIRECTORY' ) ; 
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a m 



openf ile<filel,dr+' problem .dto' , sizeof ( problem ) ) ; 

If ok then 
begin 

ini tindex ; 

openi ndex < indexl ,dr +/ problem • idx ' , 

sizeof ( problem • problemname ) , 0 ) ; 
clearkey < indexl ) ; 
i := 10; 

3 : = i ; 

gotoxy <12,7) ; 

write < ' CHOOSE ONE OF THE FOLLOWING OR CREATE YOUR 

' OWN PROBLEM') 

textbackground < 14) ; 
textcolor <0) ; 
gotoxy < 15,9) ; 
write< 'PROBLEM: ' ) ; 
gotoxy (27,9); 
write< 'CREATED BY:'); 
gotoxy <56,9) ; 
wr i te < ' DATE : ' ) ; 
textbackground < z ) ; 
textcolor < x ) ; 

next key < indexl , number , problem . problemname) ; 
repeat 

getrec < f i lei , number , problem ) ; 

gotoxy < 15 , i ) ; wr i te < problem . problemname ) ; 

gotoxy < 27 , i ) ; write < problem . creator ) ; 

gotoxy < 56 ,i); write< problem . date ) ; 

i : = i + 1 ; 

3 := 3 + l; 

if <i > 20) and < usedrecs ( ±'i lei ) > j) then 

begin 

i := 10; 

wait ; 
cleartext 
end ; 

next key < indexl , number , problem . problemname ) 
until not ok; 
gotoxy <21,21); 
textbackground (3) ; 
textcolor ( 0 ) ; 

wr ite <' Number of Problems in the Directory: 

usedrecs < f i lei ) : 2 ) ; 

textbackground < z ) : 
textcolor (x) ; 
closef ile(f ilel) ; 
close index < indexl ) 
end 
else 
begin 

spaceavai lable < tby ) ; 
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if tby < 30000.0 then 
begin 

message ( ' THERE 15 NOT ENOUGH SPACE ON DRIVE '+dr>; 
wait ; 

next := 3; 
goto cancel 
end ; 

message ('***»»* NEW DIRECTORY ******'); 

makef ile(f ilel^dr-*-' problem . dta ' , sizeof < problem ) ) ; 

make index ( index 1 , dr + ' problem . idx' , 

sizeof ( problem . problemname ) , 0 ) ; 

closef ile(filel) ; 
close index < indexl ) ; 
end ; 

initindex ; 

openf ile(filel,dr+' problem . dta ' , sizeof ( problem ) ) ; 
open index (indexl,dr+ / problem . idx ' , 

sizeof ( problem . problemname) , 0) ; 
action ( ' GIVE PROBLEM NAME'); 
gotoxy (4,23) ; 

write< 'ENTER THE NAME OF THE PROBLEM:'); 
f il lchar ( cproblem , sizeof ( cproblem ) , 0 ) ; 
f i 1 lchar (problem , sizeof ( problem ) , 0) ; 
inputstr (cproblem, 8, 35, 23, [#48. .#1263 ,tc) ; 
cproblem := upcasestr ( cprobl em ) ; 
adjuststr (cproblem) ; 
f indkey ( indexl , number , cproblem ) ; 
if not ok then 
begin 

spaceavai labl e ( tby ) ; 
if tby < 10000.0 then 
begin 

closef ile(filel) ; 
cl ose index ( indexl ) ; 
clearf rame ; 

message ( 'THERE IS NOT ENOUGH SPACE ON DRIVE '+dr>; 
wait ; 

next := 3; 
goto cancel 
end; 

clearselect ; 

gotoxy (4,23) ; write ( ' ENTER YOUR NAME:'); 

inputstr ( problem . creator , 25 , 21 , 23 , [#32. .#1263 ,tc) ; 

problem . problemname := cproblem; 

problem . creator := upcasestr ( problem . creator ) ; 
getdate (problem . date) ; 
number : = 0 ; 

addrec ( f i lei , number , problem ) ; 

addkey ( indexl , number, problem . problemname) ; 
closef ile(filel) ; 
cl ose index ( indexl ) ; 
expno : = 0 ; 
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1 



next : = 
end 
else 

<* get key information about the latest model execution *) 

with problem do 

begin 

getrec ( f i lei , number , problem ) ; 
wcombindex := wcomb; 
pcombindex := pcomb; 
rcombindex := rcomb; 

wtotalcost := strtoreal ( wtotcost ) ; 
ptotalcost := strtoreal ( ptotcost) ; 
rtotalcost := strtoreal < rtotcost ) ; 
closef ile Cfilel) ; 
closeindex ( indexl ) ; 

openf i le < f i lei , dr +cproblem+ ' .dxp" , sizeof (expsr ) ) ; 
expno := usedrecs ( f i lei ) ; 
closef ile (filel ) ; 
problemf ield (cproblem ) 
end ; 
cancel : 
end ; 



BEGIN (OF DATABASE) 
ans : = ' ' ; 

if flag then 
begin 

getdi rectory ; 

if next = 1 then 

begin 

raakeproblem ( cproblem ) ; 
updatexposure ( cproblem , expno ) ; 
next : = 1; 

updatecontrol (cproblem , expno) 
end ; 

if next <> 3 then 
flag := false; 
next := 0; 
goto cancel 
end ; 

while ans <> 'S' do 

begin 

dbasemenu ; 

select < ' SELECT 1,2, 3, 4, 5 or 6 : ' , [ ' 1 ' . . ' 6' D , ans) ; 
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case ans of 



'1' : help ( ' D' ) ; 

'2' :begin 

getdi rectory ; 

if next = 1 then 

begin 

makeproblem (cproblem) ; 
updatexposure(cproblem,expno) ; 
next : * 1; 

u pda t ©control (cproblem, expno) ; 
next := 0 
end 
end ; 

'3' : begin 

clearf rame ; 

message ( ' DO YOU WISH TO DELETE THE PROBLEM?') 
select ( ' TYPE t ! 3 TO DELETE OR ANY KEY TO ' 
'CANCEL' , C#1 . .#1263 ,ans) ; 



if ans = ' ! ' then 

begin 

deleteproblem ( cproblem ) ; 
flag : = true ; 
next := 0; 
goto cancel 
end ; 

ans := ' ' 

end ; 

'4' : begin 

updatexposure ( cproblem , expno ) ; 

if next = 2 then 

begin 

updatecontrol ( cproblem , expno) ; 
next : = 0 
end 
end ; 

'5' : updatecontrol (cproblem , expno) 

end (of case) 
end; (of while) 
cancel : 



END; 
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(**»*****»***************************»********************•) 



( * * ) 

(* MODEL. DSS * ) 

< * * ) 

< * This is the model execution part of the system. The * ) 

<* user can select one or more statistical methods for *) 

(* the model run. *) 

< * * ) 



(**********************************************************) 



overlay procedure 
label 

cancel , cont ; 
var 

ans , tans , ch 
f lagl , £lag2 
method 
expdam 
i , rn , ctrlno 
idx 

maximum 
benef i t , 
u,y , t 



model ; 



char ; 
boolean ; 
string C2J ; 
array Cl. .maxexp] 
integer ; 
string C2D ; 
string CIO] ; 

real ; 



of real; 



(* weightedprobability computes the expected cost for 
each exposure of the exposure file. *) 

overlay procedure weightedprobabi 1 i ty ; 
begin 

ini tindex ; 

openf i 1 e ( f i lei , dr +cproblem+ ' .dxp' ,sizeof (expsr) ) ; 
open index < indexl , dr + cproblem+ ' . ixp' , 

sizeof ( expsr . index ) , 0 ) ; 

cl ear key (indexl) ; 

f i 1 lchar ( expdam , sizeof < expdam ) , 0 ) ; 
f i 1 lchar < expsr , sizeof (expsr) ,0) ; 
totaloss : = 0 ; 
with expsr do 
repeat 

next key ( indexl ,rn, idx) ; 

if ok then 

begin 

getrec ( f i lei , rn , expsr ) ; 

i := strtoint ( index ) ; 

expdam Ci] := strtorea 1 ( damage ) * 

strtoreal (probability) ; 
totaloss := totaloss + expdamCi]; 
end 

until not ok; 
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closef ile(f ilel ) ; 
close index ( index 1 ) 
end ; 



(* pertmethod computes the expected cost for each exposure 
of the exposure file, using the P.E.R.T. method * ) 

overlay procedure pertmethod; 
begin 

f i llchar (expsr , sizeof (expsr) ,0) ; 
ini t index ; 

openf ile(filel, dr + cproblem+ ' .dxp' , sizeof < expsr ) ) ; 
open index < index 1 , dr + cproblem+ ' . ixp' , 

sizeof (expsr . index) , 0) ; 
f i llchar ( expdam , sizeof (expdam) , 0) ; 
clearkey ( indexl ) ; 
totaloss : = 0 ; 
with expsr do 
repeat 

next key < indexl , rn , idx ) ; 

if ok then 

begin 

getrec ( f i lei , rn , expsr ) ; 
i := strtoint ( index) ; 

expdam Ci] : = ( strtoreal (smal lest ) + 

4 * strtoreal (mostlikely) 

+ strtoreal < largest ) ) / 6; 

totaloss := totaloss + expdam Ci] 
end 

until not ok; 
closef ile(f ilel) ; 
closeindex < indexl ) 
end ; 



(* rankingmethod computes the expected cost for each 
exposure of the exposure file, using the Ranking 
method. ») 

overlay procedure rankingmethod; 
begin 

ini tindex ; 

openf ileCfilel, dr + cproblem + ' . dxp * , sizeof < expsr ) ) ; 
open index ( indexl , dr + c problem-* ' . ixp' , 

sizeof (expsr . index) ,0) ; 

clearkey ( indexl ) ; 

f i llchar (expdam , sizeof (expdam) ,0) ; 
f i llchar ( expsr , sizeof ( expsr ) , 0 ) ; 
totaloss := 0; 
y := In ( 10 ) ; 
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with ©xpsr do 
repeat 

nextkey ( index 1 , rn , idx ) ; 

if ok then 

begin 

getrec ( f i lei , rn , expsr ) ; 

u := y * (strtoreal (rankP) + str toreal < rankQ ) - 3) 

i := strtoint ( index ) ; 
expdamtil := exp(u) / 4.0; 
totaloss := totaloss + expdamCi] 
end 

until not ok; 
closef ile(filel) ; 
close index ( index 1 ) 
end ; 



(* ef f ect i vecontrol computes the effectiveness for each 
control activity in the control file. If the control 
is an effective one then it is loaded in memory for 
subsequent computation. ») 

overlay procedure effect! vecontrol ; 
begin 

ini tindex ; 

openf ile<filel„ dr *cproblem+ ' . del ' , sizeof (ctr 1 ) ) ; 

open index ( indexl ,dr+c problem*' . icl ' , sizeof ( Ctrl . index ) , 0 ) 

clearkey < indexl ) ; 

f i 1 lchar ( ctr lmatrix , sizeof ( ctr lmatr ix ) ,0) ; 

f i 1 lchar (ctrl, sizeof < ctr 1 ) , 0 ) ; 

f i 1 lchar ( comb , sizeof (comb) ,0) ; 

ctr lno : = 0 ; 

totalcost := 0; 

with Ctrl do 

repeat 

nextkey < indexl ,rn, idx ) ; 

if ok then 

begin 

benef it : = 0 ; 
getrec ( f i lei , rn , ctr 1 ) ; 
for i : = 1 to expno do 

benefit := benefit * strtoreal ( effect [ i ] ) * 

expdam C i ] ; 



if benefit > strtoreal ( cost ) then 
begin 

ctrlno := ctr lno * 1; 

ctr lmatr ix Cctr lno] := ctrl; 

totalcost := totalcost * str torea 1 ( cost ) ; 
combCctrlno] := index 
end 
else 
begin 
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message < ' CONTROL ' + copy < description ,1 , 

length (description) ) + ' IS NOT EFFECTIVE') 
delay ( 2000 ) ; 
clearmessage 
end 
end 

until not ok; 
closefile(filel) ; 
closeindex ( indexl ) ; 
end ; 



<» controlsets generate all the possible control sets 
and updates the problem record in the directory of 
the system. It has the ability also to create and 
delete the set files. *) 

overlay procedure controlsets ( maxcost : real); 

label 

cancel ; 
var 

i ; ],k,l,maxcomb,p,rn : integer; 

cost , value , sef f , tby , 
f i leby tes , indexby tes : real; 

combination : array C 1 .. maxctrl ] of char; 

(* binary converts a decimal number to its binary 
representation. Its purpose is to generate the 
combinations of the control activities. *) 

procedure binary (k : integer); 

var 

3 : integer; 

begin 

for j := 1 to ctrlno do 
begin 

if k mod 200 then 
combination C 3 3 := ' 1 ' 

else 

combination C 3 3 := 'O'; 

k : = k di v 2 
end (of for) 
end ; 

begin 

maxcomb := round ( exp ( In ( 2 ) * ctrlno)) - 1 ; 

(* computed the size in bytes of the set file *) 
filebytes (sizeof (st) * 1 . 0 ) * maxcomb; 

indexbytes := ( ( < sizeof < st . Ck ) + 5)* (order+3) * 1.0) * 

maxcomb ) /order ; 

(* ask the available bytes of the specified drive *) 
spaceavai lable < tby ) ; 
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if tby < (f ilebytes+indexbytes) then 
begin 

message ( ' THERE IS NOT ENOUGH SPACE ON DRIVE ' +dr ) 
flag2 := true; 
goto cancel 
end ; 

textbackground ( 3 ) ; 
ini tindex ; 

makefile ( f ilel , dr + cproblem+ / . 7 + method + ' dt ' , sizeof ( st ) ) ; 
make index ( index 1 , dr +cproblem+ ' . ' +method+' ic' , 

sizeof (st.Ck) , 1 ) ; 

P : = 0 ; 
with st do 

for i : = 1 to maxcomb do 
begin 

fillchar( st , sizeof < st ) , 0 ) ; 

fillchar (combination, sizeof (combination) ,0) ; 
binary < i ) ; 
cost := 0.0; 

for 3 : = 1 to ctrlno do 

if combination C 3 ] = ' 1 ' then 

cost := cost + strtoreal (ctrlmatnx [3 ] .cost) ; 
if maxcost >= cost then 
begin 

value : = 0.0; 

for 3 : = 1 to expno do 

begin 

sef f ; = 0.0; 

for 1 : = 1 to ctrlno do 

if combination C 1 ] = ' 1 ' then 

seff := seff * < 1 - seff) * 

strtoreal ( Ctrl matrix C 1 ] . effect C 3 ] ) ; 
value := value + seff * expdamC]] 
end; (of for 3} 

<* Keep only the effective control sets *) 

if value > cost then 

begin 

1 : = 0; 

for j : = 1 to ctrlno do 

if combination C 3 ] = ' 1 ' then 

begin 

1 := 1 «■ 1; 

setcombCl] := ctrlmatnx []] . index 
end ; 

P P ♦ i; 

gotoxy < 31 , 21 ) ; wr ite (' Number of Sets 

str(valueI 10 : 0 ,Vk) ; 

str < < totaloss - value) : 10:0,Lk) ; 

str ( cost : 10 : 0 , Ck ) ; 

str ( (value - cost ) : 10 : 0 , Nk ) ; 

str (( totaloss - value + cost ) : 10 : 0 , TCk ) ; 
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str((value / cost) : 5 : 4, BCR) ; 
if strtoreal (BCR) < 10.0 then 
insert < ' ' , BCR , 1 ) ; 

addrec(filel,rn,st) ; 
addkey ( indexl , rn , Ck ) ; 
end 
end 

end; (of for i) 

gotoxy (31,21) ; write ( conststr ( ' ' , 20) ) ; 

if usedrecs ( f ilel ) = 0 then 

begin 

closef ile (f ilel ) ; 
closeindex ( indexl ) ; 

assign (fl , dr^cproblem+ / . '+method+'dt' ) 
erase(f 1 ) ; 

assign (f 1 , dr + cproblem + * . ' + method + ' ic' ) 
erase ( f 1 ) 
end 
else 
begin 

closef ile(filel) ; 
closeindex ( indexl ) ; 
if totalcost > maxcost then 
totalcost := maxcost; 



comb ; 
comb ; 

totalcost ; 

0 , problem . wtotcost > 



case method of 
' w' : begin 

wcombindex 
problem . wcomb 
wtotalcost 
str (totalcost: 10 
adjuststr (problem . wtotcost ) 
end ; 

'p' : begin 

pcombindex := comb; 

problem . pcomb := comb; 
ptotalcost := totalcost; 

str ( totalcost : 10 : 0 , problem . ptotcost ) ; 
adjuststr ( problem .ptotcost ) 
end ; 

'r' : begin 

rcombindex := comb; 

problem . rcomb := comb; 
rtotalcost := totalcost; 

str ( totalcost : 10 : 0 , problem . rtotcost ) ; 
adjuststr (problem. rtotcost ) 
end 

end; (of case) 

openf i le ( f ilel , dr ' problem . dta ' , sizeof ( problem ) ) 
open index ( indexl , dr+ ' problem . idx ' , 

sizeof (problem . problemname) ,0) 
f indkey ( indexl , rn, cproblem ) ; 
putrec ( f i lei , rn , problem ) ; 
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closef ile(f ilel ) ; 
close index ( index 1 ) 
end ; 

cancel : textbackground <z) 

end ; 

BEGIN (OF MODEL) 
ans : = ' ' ; 

flagl := false; 
while ans <> ' S' do 

begin 

if not flagl then 
begin 

modelmenu ; 

select ( 'SELECT 1,2, 3, 4,5 or 6 : ' , C ' 1 ' . . ' 6 ' ] ,ans) ; 

clearf rame ; 
tans := ans 
end ; 

if ans = '5' then 
begin 

flagl := true; 
ans : = '0' ; 

tans : = ' 2 ' 

end ; 

ch : = #0 ; 
case tans of 

'1' : help ( ' 0 ' ) ; 

'2' : begin 

method : = ' w ' ; 

action ( 'MODEL / WEIGHTED METHOD'); 
end ; 

'3' : begin 

method : = ' p' ; 

action( 'MODEL / P.E.R.T. METHOD'); 
end ; 

'4' : begin 

method : = ' r ' ; 

actionC 'MODEL / RANKING METHOD'); 
flagl := false 
end ; 

'6' : goto cancel 

end; (of case) 

if tans in C'2'..'5'3 then 
begin 

openf ile (f ilel ,dr+cproblem+ ' . ' + method* ' dt ' , 

sizeof ( st ) ) ; 

if ok then 
begin 

closef ile Cfilel) ; 

message( 'THERE IS ALREADY FILE FOR THAT METHOD'); 
select (' SELECT D)elete, R)un or any key to cancel:', 

[# 1 . .# 126 ) , ch ) ; 
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clear message ; 
clearaelect ; 
end; 

if ch in C'D','R ',#03 then 
begin 

if ch in C'D','R'D then 
begin 

assign ( f 1 , dr+cprobler+ ' . ' + method* ' dt ' ) ; 
erase ( f 1 ) ; 

assign ( f 1 , dr + cproblem+ ' . ' + met hod-** ' ic' ) ; 
erase ( f 1 ) 
end ; 

if ch = 'D' then 
goto cont; 
case tans of 

'2' : weightedprobabi 1 i ty ; 

' 3 ' : pertmethod; 

' 4 ' : rankingmethod 

end ; 

ef f ecti vecontrol ; 

if totalcost < 1.0 then 

begin 

message < ' CANNOT COMPUTE SETS WITHOUT EFFECTIVE ' 

'CONTROLS' ) 

wait ; 
goto cont 
end ; 

if ctrlno - 1 then 
begin 

message( 'CANNOT COMPUTE SETS WITH ONLY ONE ' 

'EFFECTIVE CONTROL') 

wait ; 
goto cont 
end ; 

if totaloss > totalcost then 
t : = totalcost 
else 

t := totaloss; 
gotoxy ( 20 , 8 ) ; 

writeC 'Total Damage Due To Exposures 

totaloss : 10 : 0) 

gotoxy (20,10); 

writeC 'Cost to Implement All Controls 

totalcost : 10 : 0) 

gotoxy ( 13 , 14 ); 

writ©( 'Give The Maximum Amount You Want To ', 

'Spend On Controls') 
gotoxy ( 29 , 15 ) ; write( 'or press Enter for ALL') 
gotoxy ( 30 , 17 ) ; wr ite (' MAXIMUM : S'); 

str(t:10:0, maximum) ; 
ad 3 uststr ( max i mum ) ; 

i nputstr (maximum , 10 , 42 , 17 , C ' 0 ' . . ' 9 ' 3 , ch ) ; 
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clearf rame ; 

message < ' PLEASE WAIT' ) ; 
contro 1 sets < str tor eal (maximum) ) 
if flag2 then 
begin 

flag2 := false; 
goto cont 
end ; 

cl ear message 
end 
end ; 

cont: if flagl then 

begin 

tans := chr (ord < tans) +1 ) ; 
cl ear message 
end 

end; (of while) 
cancel : 

END; 



129 



(to*********************************************************) 



( * *) 

<* SENSANAL . DSS *) 

(* *) 

(* This is th© sensitivity analysis part of the system. *) 

(* It consists of procedures for control strategy *) 
<* selection, graphics and report printouts. *) 

(* *) 



(**********************************************************) 



overlay procedure 
var 
a , b 

i 9 3 p k 9 rn , Ctrl no , 
maxNKrn , maxBCRrn 
maxNk , maxBCR, 
low , high , key 
idx 

a ns , method , tc 



sensi ti vi tyana lysis 

: plotarray ; 

: integer; 

: string CIO] ; 

: string C23 ; 

: char; 



(* inputlimits prompts the user to give the desired cost 

range within which the set files will be searched. *) 

procedure inputlimits; 
begin 

clearf rame ; 
case method of 

'W' : totalcost := wtotalcost; 

'P' : totalcost := ptotalcost; 

'R' : totalcost := rtotalcost 

end ; 

clearkey ( index2 ) ; 
next key < index 2 , rn , key ) ; 
getrec (file2,rn,st) ; 
adjuststr (st.Nk) ; 
ad j uststr ( st . TCk ) ; 

totaloss := strtoreal (st.Nk) + strtorea 1 ( st . TCk > ; 
gotoxy (19,7) ; 

write('Total Damage Due To Exposures : ' , totaloss : 10 : 0) ; 
gotoxy (19,9) ; 

wr ite (' Maximum Cost in the Set File ; ' , totalcost : 10:0) ; 

gotoxy (12,15) ; 

write('Give the Cost Range over which the Search will be 

done : ' ) ; 

gotoxy ( 29 , 17 ) ; write('Low Limit : S'); 

gotoxy ( 29, 19) ; write('High Limit : S'); 
repeat 

f i 1 lchar ( low ,10,0); 
f illchar ( high, 10,0) ; 
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textbackground ( 14 ) ; 
textcolor ( 0 ) ; 

gotoxy (44, 17) ; writ© (conststr ( ' ' , 10) ) ; 

go t ox y (44, IS) ; wr ite ( conststr ( ' ' , 10) ) ; 

inputstr ( low, 10 , 44 ,17, ['O'. .'9'], tc ) ; 
inputstr (high, 10,44,19, C ' 0' . . ' S' J , tc) ; 
if strtoreal (high) <= strtoreal ( low ) then 
begin 

message ( ' CHECK YOUR ENTRY. "HIGH" MUST BE GREATER ' 

' THAN "LOW"') 

wait; 

cl ear message 
end 

until strtoreal (high) > strtoreal ( low ) ; 
while length(low) < 10 do 
insert ( ' ' ,low,l) ; 

while length(high) < 10 do 
inserts ' ,high,l) ; 



(* use opens the files most commonly used in the 

sensitivity analysis process. *) 

procedure use(cproblem : str8; method : char); 

begin 

ini tindex ; 

openfile(filel, dr^cproblem^ ' . del ' , sizeof ( Ctrl ) ) ; 
open index ( index 1 , dr+cproblem+ '.icl',sizeof( Ctrl .index) , 0 ) 
openfile(file2, dr+cproblem+ ' . ' +method+'dt' , sizeof (st) ) ; 
open index ( index2,dr+cproblem+ ' . ' +method+' ic y , 

sizeof ( st . Ck ) , 1 ) 

end ; 



(* closefiles closes files opened with the use procedure *) 

procedure closef i les ; 

begin 

closef i le ( f i lei ) ; 
closeindex ( indexl ) ; 
c losef i le ( f i le2 ) ; 
closeindex ( index2) ; 
end ; 

overlay procedure controlstrategy ; 
label 

cancel ; 
var 

tloss : real; 

title : string C60]; 

begin 

ans : = 7 ' ; 

while ans <> '4' do 

begin 
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control strategy menu ; 

select ( ' SELECT 1,2,3 or 4 : ' , [ ' 1 ' . . 7 4 ' 3 , ans ) ; 

i£ ans = ' 1 ' then 
help ( ' B ' ) 
else 

while ans <> '4' do 
begin 

clearframe ; 

select (' SELECT W)eighted, P).e.r.t, R)anking 

or Q)uitS ' , I'W' ,'P' ,'Q' ,'R'l , method) 

clearselect; 

if method - 'Q' then goto cancel; 

openf i le < f i lei , dr + cproblem+ ' • ' + method + ' dt ' , 

sizeof (st) ) ; 

if not ok then 
begin 

clearframe ; 

message ( ' YOU MUST RUN THE MODEL FIRST'); 
wait ; 

goto cancel 
end ; 

fillcharC maxNk, 10,0) ; 
f illchar (maxBCR, 10,0) ; 
case method of 

'W' : title := 'WEIGHTED METHOD: '; 

'P' : title := 'P-E.R.T- METHOD: '; 

'R' : title := 'RANKING METHOD: '; 

end; (of case) 
closef ile(filel); 
use (cproblem, method) ; 
inputl imits ; 
key : = low ; 

searchkey ( index2 , rn , key ) ; 
if ok and (key <= high) then 
with st do 

begin 
repeat 

getrec ( f i le2 , rn , st ) ; 
adj uststr ( Nk ) ; 
ad j uststr ( BCR ) ; 

if strtoreal ( Nk ) > strtoreal (maxNk) then 

begin 

maxNk : = Nk ; 
maxNkrn : - rn 
end ; 
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if strtoreal (BCR) > strtoreal (maxBCR) then 

begin 

iiaxBCR : = BCR ; 
maxBCRrn : = rn 
end ; 

next key < index2 , rn , key ) 
until not ok or (key > high) ; 
if ans = '2' then 
begin 

title := title + 'THE MOST EFFECTIVE SET'; 
rn : = maxNkrn 
end ; 

if ans = '3' then 
begin 

title := title + 'THE MOST COST EFFECTIVE SET'; 
rn : = maxBCRrn 
end ; 

clearf rame ; 

f i 1 1 char (st^sizeof ( st ) , 0 ) ; 
gotoxy< 10 , 6 ) ; write(title) ; 
getrec ( f i le 2 , rn , st ) ; 

3 : = 7; 

for i : = 1 to maxctrl do 
if setcombCi] <> '' then 
begin 

3 := 3 + i; 

f indkey ( indexl , rn , set comb C i ] ) ; 
getrec ( f i lei , rn , Ctrl ) ; 

gotoxy < 10 , j ) ; wr ite (' CONTROL ',idx,': ', 

Ctrl .description) 

end ; 

if j +8 > 21 then 
begin 
wait; 

clearf rame; 

3 := 7 

end ; 

gotoxy ( 3, j+2) ;write( 'Value of Control Set :',Vk); 
gotoxy ( 43 , j + 2) ; write ( ' Cost of Control Set :',Ck); 
gotoxy < 3 , 3 + 3 ); write ( ' Total Expected Benef it:',Nk); 

gotoxy < 43 , j +3 ); write (' Total Expected Cost :',TCk); 
gotoxy < 25 , 3 +5 ); write (' Benef it Cost Ratio :',BCR); 
gotoxy< 12 , 3 + 7 ) ; 

write( 'Prior Expected Damage Due to Exposures:', 

totaloss : 8 : 0 ) ; 
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strtoreal < Vk) ; 



adjuststr < Vk) ; 
tlosa := totaloss - 
gotoxy (12 , j + 8) ; 
write (''Post Expected Damage Due to Exposures: ' , 

tloss:8:0> 

wait; 

closef i les 
end (of if/with) 
else 
begin 

message < 'THERE IS NO ANY SET WITHIN THAT RANGE') 
wait 
end 

end; (of while) 
cancel : 

end (of while) 
end ; 
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graphics; 



overlay procedure 
label 

cancel ; 
var 
ans 
title 



currentaction 
Ylmin , Ylmax , 
Y2min, Y2max, 
tempi , temp2, 
prevCk, prevBCR, 
prevTCK 
bestsetl , 
bestset2 , i 
f lagl ,f lag2 



char ; 

string [16] ; 
string C40] ; 



real ; 

integer ; 
boolean ; 



(* computegraph computes the values of the plotarrays 
which will be used by the makegraph procedure to 
draw the graphs. *) 

overlay procedure computegraph; 
var 

ti : integer; 

begin 

if flag2 then 
ti := MaxPlotGlb 
else 

ti := 24; 

use ( cproblem , method) ; 
inputlimits ; 

message ( 'PLEASE WAIT FOR THE PREPARATION OF THE GRAPH') 
i : = 0 ; 
key := low; 

searchkey ( index2 ,rn, key ) ; 

Ylmin := S . 99E+20 ; 

Ylmax : = 0.0; 

Y2min := 9.99E^20; 

Y2max := 0.0; 

if ok and (key < = high) then 
with st do 
begin 
repeat 

if i < ti then 
begin 

getrec ( f i le2 p rn p st ) ; 

ad j uststr (key ) ; 

ad j uststr ( BCR ) ; 

ad j uststr ( TCk ) ; 

tempi := strtoreal ( BCR ) ; 

temp2 := strtoreal (TCk) ; 
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aCi,13 then 



if strtoreal(key) = 
begin 

if tempi > a Ci , 2] 
aCi,23 := tempi; 
if temp2 < bCi,23 
bCi,23 : = temp2 

end 

else 

begin 

i : = i + 1 ; 



then 

then 



a[i,l] := strtoreal ( key ) ; 
bti,l] := strtoreal < key ) ; 
a C i , 2] : = tempi ; 

bCi,2] := temp2 



end ; 

if Ylmax < tempi then 

begin 

Ylmax : = tempi ; 

bestsetl : = rn 
end; 

if Ylmin > tempi then 

Ylmin := tempi; 
if Y2min > temp2 then 

begin 

Y2min := temp2; 
bestset2 : = rn 
end ; 

if Y2max < temp2 then 
Y2max := temp2 



end; 

next key ( index2 , rn , key ) 
until not ok or (i = ti) or (key > high); 
if (i = ti) and (key < high) and ok then 
begin 

high := key; 

message (' Cannot Graph All Sets, Cost Range Has Been' 

' Adjusted ' ) 



wait 

end 

end (of if/with) 

else 

begin 

messageC 'THERE IS NO ANY SET WITHIN THAT RANGE') 
flagl := true; 
wait ; 

clearf rame 
end 
end ; 
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overlay procedure makegraph; 
var 

3 : integer; 

step : real; 

numtext : string C73 ; 
begin 

if i < 2 then 

message ('CANNOT WAKE GRAPH WITH LESS THAN 2 SETS') 
else 
begin 

initgraphic; 
setbreakof f ; 
setmessageof f ; 
setlinestyle ( 0 ) ; 
setf oregroundcolor ( 0 ) ; 

(» draw the first graph (upper left side) *) 

define window (1,0,0, trunc ( Xmaxglb/ 1 .5) ,trunc(Ymaxglb/2) ) ; 

defineheader ( 1 , 'BENEFIT COST RATIO VS COST FOR '+title); 

if flag 2 then 

begin 

def inewor Id (l,a[l,13/1.02,Ylmin/l.l,aCi,13*1.02, 

Ylmax* 1 . 1 ) ; 

selectwindow ( 1 ) ; 
select world ( 1 ) ; 
setheaderon ; 
setbackground ( 0 ) ; 
drawborder ; 

drawaxis (9, 9, 0 , 0 , 0 , 0 , 0 , 0 , false ) ; 
drawpolygon (a,l,i,4,l,0) 
end 
else 
begin 

def inewor Id (l,aCl,l] ,Ylmin/l.l,aCi,13 ,Ylmax*1.2); 

selectwindow ( 1 ) ; 

selectwor Id ( 1 ) ; 

setheaderon ; 

setbackground ( 0 ) ; 

drawborder ; 

drawhistogram (a, i, true, 4 ) ; 

drawtextW (a Cl, 13 ,Ylmax*0. 07 + Ylmin/1.1,1, 

'Costs below are in Thousands of Dollars (rounded)'); 

f i 11 char ( numtext , sizeof ( numtext ) , 0 ) ; 

step := (a Ci , 13 -a Cl, 13 ) / i; 

for 3 : = 1 to i do 

begin 

str (round ( a C j , 1 3 / 1000 ) : 7 , numtext ) ; 
ad j uststr ( numtext ) ; 

drawtextW (a [1,13 +step* ( j -1 ) , Ylmax *0 . 18+Ylmin/l.l,l, 

' ' + copy ( numtext , 1 , length(numtext) ) ) 

end 
end ; 
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(* draw the second graph at the lower left side 
of the screen . * ) 

def inewindow ( 2 , trunc ( Xmaxglb/3) , trunc(Ymaxglb/2) , 

Xmaxglb, Ymaxglb) ; 

def ineheader <2, 'TOTAL EXPECTED COST VS COST OF CONTROL', 

' / ' + title); 

if flag2 then 
begin 

flag2 := false; 

def ineworld(2,b Cl, 1] /I . 02, Y2min/1 . 02, b Ci , 1] *1.02, 

Y2max* 1 . 02) ; 



selectwindow ( 2) ; 
selectworld (2) ; 
setheaderon ; 
setbackground (0) ; 
drawborder ; 

drawaxis (9, 9, 0,0, 0,0, 0,0, false ) ; 
drawpolygon (b,l,i,4,l,0) 
end 
else 
begin 

def ineworld(2,b Cl, 1] , Y2min/1 . 1 , b Ci , 1] ,Y2max*1.2) ; 

selectwindow (2) ; 

selectworld < 2 ) ; 

setheaderon ; 

setbackground (0) ; 

drawborder ; 

drawhistogram (b, i , true, 4) ; 

drawtextW ( b C 1 , 1 ] ,Y2max*0.07 + Y2min/l.l,l, 

'Costs below are in Thousands of Dollars (rounded)'); 

f il lchar ( numtext , sizeof < numtext ) , 0) ; 

step := (b C i , 1 ] -b C 1 , 1 ] ) / i; 

for j : = 1 to i do 

begin 

str ( round < b [ j , 1 ] /1000) : 7 , numtext ) ; 
adjuststr (numtext ) ; 

drawtextW (b Cl , 1] +step* ( j -1 ) , Y2max*0 .18+Y2min/l.l,l, 

' ' copy ( numtext, l,length(numtext) ) ) 



end 
end ; 

gotoxy (55,1) ; wr ite (' GRAPHS OVER THE RANGE:') 

gotoxy (59, 2) ; writeC'Low : ' + low); 

gotoxy (59,3) ; write ( ' High : ' *► high ) ; 

gotoxy (55, 4) ; wr ite (' Number of Sets :',i:3); 

getrec ( f i le2 , bestsetl , st ) ; 

adj uststr ( st . BCR) ; 

ad juststr ( st . Ck ) ; 

gotoxy (60, 8) ; write('<<== THE BEST SET '); 
gotoxy (59,9) ; write('BCR : ',st.BCR); 

gotoxy (59, 10) ; write('Cost of set : ',st.Ck); 
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getrec(f ile2, bests© t2, st) ; 
adjuststr (st . TCk) ; 
ad j usts tr Cst.Ck) ; 

gotoxy (5,18); writeC'THE BEST SET ==>>'); 

gotoxy C 1 , 20) ; write( 'Expected cost: ',st.TCk); 

gotoxy ( 1 , 21 ) ; write( 'Cost of set: ',st.Ck>; 

gotoxy < 1 , 24 ) ; write( 'press any key 

setf oregroundcolor ( 2 ) ; 

read(kbd,ans) ; 

leavegraphic ; 

textmode; 

textcolor Cx) ; 

makef rame ; 

problemf ield ( cproblem ) ; 
action Ccurrentaction) ; 
putdate 
end ; 

closef i les ; 
end ; 

begin { of graphics) 
ans : = ' ' ; 

flagl : = false; 
flag2 := false; 

while ans <> '4' do 

begin 

graph icsmenu ; 

select ( ' SELECT 1,2,3 or 4 : ' , [ ' 1 ' . . ' 4 ' 3 , ans ) ; 

if ans = '1' then 

help ( 'G' ) ; 

while (ans <> '1') and (ans <> '4') do 

begin 

select ( ' SELECT W)eighted, P).e.r.t, R)anking 
or 0)uit: ' , C'W','P','Q','R'] , method) 

if method = 'Q' then goto cancel; 

openf ile(filel, dr + cproblem + ' . ' + method ' dt ' , 

sizeof ( st ) ) 



if not ok then 
begin 

clearf rame ; 

message ( ' YOU MUST RUN THE MODEL FIRST'); 
wait ; 

goto cancel 
end ; 
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if ok then 
begin 

if usedrecs ( f i lei ) < 2 then 

begin 

clearframe ; 

message ( " CANNOT MAKE GRAPH WITH LESS THAN 2 

SETS" ) ; 

closef ile(filel) ; 
wait ; 

closef ile(filel) ; 
goto cancel 
end ; 

closef ile(filel) ; 



case method of 
" W" : title := 
"P" : title := 

"R" : title := 

end (of case) 



"WEIGHTED METHOD " 
"P.E.R.T. METHOD " 
"RANKING METHOD " 



end; (of if ok) 



case ans of 
"2" : begin 

currentact ion := "GRAPHICS / CURVE"; 
action ( currentact ion ) ; 
flag2 := true; 
computegraph ; 
if not flagl then 
makegraph ; 
f lagl : = false ; 
ans : = " 2 " 

end ; 

"3" : begin 

currentact ion := "GRAPHICS / HISTOGRAM"; 
act ion < currentact ion ) ; 
computegraph ; 
if not flagl then 
makegraph ; 
flagl := false; 
ans : = " 3 " 

end 

end (of case) 



end; (of while) 
cancel : 

end (of while) 
end ; 
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overlay procedure printfiles; 
var 

ans : char; 

overlay procedure controlef f ectable ; 
var 

header : string C80] ; 
idx : string C23 ; 
i : integer; 

begin 

action < ' PRINTER / CONTROL TABLE'); 
f illchar Cce, sizeof (ce) ,0) ; 
f illchar ( header , sizeof ( header ) , 0 ) ; 

writeln (1st, #12, ' D ECISI0N SUPPORT ', 

'SYSTEM' : 62) ; 

writeln (1st, conststr < ' - ' , 47) : 63) ; 
writeln ( 1st) ; 

writeln ( 1st , 'COST EFFECTIVENESS ANALYSIS' :54) ; 
writeln < 1st, 'FOR' :41) ; 

writelnClst, ' CONTROL & SECURITY OF COMPUTER 

'SYSTEMS' : 62) ; 

writeln ( 1st) ; 
writeln ( 1st) ; 

writeln ( 1st , ' CONTROL ACTIVITIES FOR WORK '*cproblem); 

openf i le ( f i lei , dr + cproblem+ ' . del ' , sizeof ( ctr 1 ) ) ; 
open index ( indexl ,dr+cproblem+ ' . icl' , 

sizeof < ctrl .index) ,0) ; 
ctrlno := usedrecs ( f i lei ) ; 
cl ear key ( indexl ) ; 
header := 'EXPOSURE ! '; 

i : = 0; 
repeat 

next key < indexl ,rn,idx) ; 

if ok then 

begin 

i : = i + 1 ; 

getrec <filel,rn, ctrl ) ; 

writelnClst, ctrl . index, ' ' , ctrl . description) ; 
ceCi] := ctrl. effect; 
ccCi] := ctrl. cost; 

header := header + ctrl. index + ' ! ' 

end 

until not ok; 
closef ile(filel) ; 
closeindex < indexl ) ; 
writeln ( 1st) ; 
writeln ( 1st) ; 

writelnC 1st , 'EXPOSURES FOR WORK '^problem); 
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openf ile ( f i 1©1 , dr + cproblem+ ' . dxp' , sizeof ( expsr ) ) ; 
open index < index 1 , dr + cproblem+ ' • ixp' , 

sizeof (expsr . index) , 0) ; 

clearkey ( indexl ) ; 
repeat 

next key ( indexl , rn , idx ) ; 

if ok then 

begin 

getrec(filel,rn,expar) ; 

writeln(lst,expsr. index, ' ' , expsr . descript ion) 

end 

until not ok; 
closef ile<f ilel ) ; 
closeindex < indexl ) ; 
wr i teln ( 1st ) ; 
wr iteln ( 1st ) ; 
wr i teln ( 1st ) ; 

wr iteln ( 1st , conststr ( ' = ' , 80 ) ) ; 

wr iteln ( 1st , ' EFFECTIVENESS OF CONTROL a(i) ON EXPOSURE ', 

'e(i) ' :70) ; 

writeln ( 1st , header ) ; 
wr iteln ( 1st , conststr < ' - ' , 80 ) ) ; 
for i : = 1 to expno do 
begin 

write < 1st , i :6, ' \ ' ) ; 

for j : = 1 to ctrlno do 
write < 1st , ce tj,i]:6,' ' ) ; 

writeln ( 1st ) ; 
end ; 

writeln ( 1st) ; 
write(lst/C0ST a(i)I'); 
for i := 1 to ctrlno do 

write ( 1st , strtoreal ( cc Ci]):6:0,' '); 

writeln ( 1st ) ; 

writeln ( 1st , conststr <' = ',80>) 
end ; 



overlay procedure exposur etable ; 
begin 

action( 'PRINTER / EXPOSURE TABLE'); 

writeln (1st, #12, 'DECISION SUPPORT SYSTEM' :53) ; 
writeln ( 1st , conststr ( ' - ' , 47 ) : 63 ) ; 
writeln ( 1st) ; 

writeln ( 1st , 'COST EFFECTIVENESS ANALYSIS' : 54 ) ; 
writeln (1st, 'FOR' :41) ; 

writelndst, 'CONTROL & SECURITY OF COMPUTER 

SYSTEMS. ' : 62) ; 

writeln ( 1st ) ; 
writeln ( 1st ) ; 
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writelndst, 'EXPECTED LOSSES CAUSED BY EXPOSURES FOR WORK 

♦ ' ' +cproblem : 66 ) 

i : = 9; 
writeln ( 1 st) ; 
wr i teln ( 1 st ) ; 
writeln ( 1 st) ; 

openf i le ( f i lei , dr +cproblem+ ' .dxp' ,sizeof (expsr) ) ; 
open index ( indexl , dr+cproblem+ ' . ixp' , 

sizeof (expsr . index) , 0 ) ; 
writeln ( 1st , ' THE WEIGHTED METHOD' : 48) ; 
writeln ( 1st , const str ( ' = ' , 80) ) ; 

writeln ( 1st, ' POTENTIAL ERRORS' :37, 'AMOUNT 0F':28, 

'PROB/TY OF' : 15) 

writeln (1st, 'DAMAGE' :64, 'OCCURENCE' : 15) ; 
wri teln ( 1st , const str ( ' - ' , 80 ) ) ; 
clearkey (indexl) ; 

3 := 17; 

with expsr do 

repeat. 

next key ( indexl , rn , idx ) ; 
if ok then 
begin 

3 := 3 + i; 

getrec ( f i lei , rn , expsr ) ; 
k := 50 - length ( descri ption ) ; 

writeln( 1 st , index, ' description , const str ( ' ' , k ) 

damage : 11 , probability : 12 ) 

end 

until not ok; 

writeln (1st, conststr ( ' = ' , 80) ) ; 
i := 3 - i + 2 ; 
if 3 + i > 56 then 
write( 1 st , # 12 ) ; 
writeln ( 1 st) ; 
writeln ( 1 st ) ; 
writeln ( 1 st) ; 

writeln( 1st, 'THE P.E.R.T METH0D':48); 
writeln(lst, conststr ( ' = ' , 80) ) ; 

writelndst, 'POTENTIAL ERRORS ': 37 ,' AMOUNT OF DAMAGE' :37> 
writelndst, ' smallest ' : 61 , 'm. likely' : 10 , ' largest ' : 9 ) ; 
writeln ( 1st , conststr ( ' - ' , 80) ) ; 
clearkey ( i ndexl ) ; 
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with ©xpsr do 
repeat 

nextkey < index 1 , rn , idx ) ; 

if ok then 

begin 

getrec(filel,rn,expsr) ; 
k := 50 - length < description ) ; 

write In (1st , index , ' ' , description , conststr ( ' ' , k ) 

smallest : 8, most likely : 10, largest : 9) 

end 

until not ok; 

write In ( 1st , conststr ( ' = ' , 80) ) ; 
wr iteln ( 1st ) ; 
writeln ( 1st) ; 
wr iteln ( 1st ) ; 

writelndst, "THE RANKING METHOD' :48); 
writeln (1st, conststr ( ' = ' , 80) ) ; 
writeln (1st, ' POTENTIAL ERRORS' :37, 

'ESTIMATION OF PROBABILITY ': 42 ) 
writeln ( 1st , ' OF OCCURENCE AND DAMAGE' :78); 
writeln ( 1st, 'Rank P' :65, 'Rank Q':il); 
writeln ( 1st, conststr ( ' - ' , 80) ) ; 
clearkey ( indexl ) ; 
with expsr do 
repeat 

nextkey ( indexl ,rn, idx) ; 

if ok then 

begin 

getrec(filel,rn, expsr ) ; 
k : = 50 - length ( descript ion ) ; 

writeln ( 1st , index , ' ' , description , conststr ( ' ' , k ) 

rankP : 11 , rankQ : 11 ) 

end 

until not ok; 

writeln (1st, conststr ( ' = ' , 80 ) ) ; 
closef ile (f ilel ) ; 
closeindex ( indexl ) 
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overlay procedure 
label 

cancel ; 
var 

method 
i jp 3 ,k,rn 
mthd 
header 
begin 



printsetf i le; 



char ; 
integer ; 
string C 17] ; 
string [80] ; 



action ( ' PRINTER / SET FILE' ) ; 
f i 1 1 char < mthd , sizeof < mthd ) ,0) ; 
f il lchar < header , sizeof ( header ) , 0) ; 
f i 1 lchar ( comb , sizeof ( comb ) , 0) ; 

select (' SELECT W)eighted, P).e.r.t or R)anking 

C'W' , 'P' , 'R'] , method) ; 



case method of 

' W ' : begin 

mthd : = 
comb := 
end; 

'P' : begin 

mthd := 
comb : = 
end ; 

'R' : begin 



' WEIGHTED METHOD: ' ; 

wcombindex 



' P . E . R . T . METHOD: 
pcombindex 



mthd := 'RANKING METHOD: 
comb := rcombindex 
end 

end; (of case) 

openf ileCfilel, dr+cproblem+ ' . ' +method+ ' dt ' , sizeof ( st ) ) 

if not ok then 

begin 

message ( 'THERE IS NO FILE FOR THE '+mthd>; 
goto cancel 
end 
else 

closef i le ( f i lei ) ; 
write( 1st, #12) ; 
wr iteln ( 1st ) ; 
wr iteln ( 1st ) ; 

writelnC 1st , 'D ECISION SUPPORT 

SYSTEM' : 62) ; 
wr iteln ( 1st , conststr ('-' ,47) :63) ; 
wr iteln ( 1st ) ; 

wr iteln ( 1st , 'COST EFFECTIVENESS ANALYSIS' :54) ; 
writelnC 1st, 'FOR' :41) ; 

write.ln ( 1st , 'CONTROL & SECURITY OF COMPUTER 

SYSTEMS. ' : 62) ; 



wr iteln ( 1st ) ; 
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wri teln < 1st) ; 

writelndst, mthd+ ' CONTROL SETS FOR WORK ^cproblem : 62 ) ; 
wr iteln ( 1st ) ; 
wri teln (1st) ; 

writelndst, 'CONTROL ACTIVITIES USED BY THE CONTROL 

SETS: ' ) ; 

openf ileCfilel, dr +cproblem+ ' . del ' ,sizeof ( ctr 1 ) ) ; 

open index ( index 1 , dr + cproblem+ ' . icl ' , sizeof < ctr 1 . index ) , 0 ) ; 

clearkey ( indexl ) ; 

3 14; 

for i : = 1 to maxctrl do 
if combCi] <> '' then 
begin 

f indkey ( indexl , rn , comb Ci] ) ; 

if ok then 

begin 

getrec < f i lei , rn , ctr 1 ) ; 

writeln< 1st, Ctrl . index, ' : ' , Ctrl. description); 

3 := 3 + 1 

end 

end; (of for/if) 
closef i le ( f i lei ) ; 
closeindex ( indexl ) ; 
wr iteln < 1st ) ; 
wri teln ( 1st ) ; 

header := ' CONTROL ACTIVITIES 

' VALUE ' + ' COST EXP. COST ' + ' BCR'; 

wri teln ( 1st , header ) ; 
writelndst, conststr ( ' - ' , 80) ) ; 

openf ile(filel ,dr+cproblem+ ' . ' + method + ' dt ' , sizeof ( st ) ) ; 
open index ( indexl , dr + cproblem+ ' . ' +method+ ' ic' , 

sizeof (st.Ck) ,1) : 

clearkey ( indexl ) ; 

3 := 3 + 4; 

k : = 1; 
with st do 
repeat 

next key < indexl ,rn,idx) ; 

if ok then 

begin 

j : = 3 + i; 

if j > 56 then 

begin 

J := 5; 
k : = k + 1 ; 
write ( 1st , #12 ) ; 

write <lst,mthd+' CONTROL SETS FOR WORK ' + 

cproblem : 50 ) ; 

write ( 1st , ' page ' : 24 , k : 2 ) ; 
wr iteln ( 1st) ; 
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wr iteln (1st) ; 
wr iteln ( 1st ) ; 
writeln(lst,header) ; 
wr iteln ( 1st , const str < ' - ' , 80) ) 
end ; 

getrec(filel,rn,st) ; 
for i : = 1 to maxctrl do 
if setcombCi] <> ' ' then 
writeC 1st, set comb Ci] + ' , ' ) 
else 

write < 1st , ' ' ) ; 

write (1st, Vk : 10, Ck: 10,TCk: 10, BCR: 8) ; 
wr iteln ( 1st ) 
end 

until not ok; 
wr iteln < 1st) ; 
closef i le ( f i lei ) ; 
closeindex ( indexl ) ; 
cancel : 
end ; 

begin (of printfiles) 
ans : = ' ' ; 

while ans <> ' 5 ' do 

begin 

pr intmenu ; 

select ( ' SELECT 1,2, 3, 4 or 5 : ' , C ' 1 ' . . ' 5 ' J , ans ) 
if (ans <> '1') and Cans <> '5') then 

begin 

clearf rame ; 

message ( ' TURN YOUR PRINTER ON.'); 
wait 
end ; 

case ans of 

'1' : help < ' P ' ) ; 

' 2 ' : exposuretable ; 

' 3 ' : controlef f ectable ; 

'4' : pr intsetf i le ; 

end (of case) 
end; (of while) 
end ; 
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BEGIN (OF SENS ITIVITYANA LYSIS ) 

£ i 1 1 char ( key , sizeof ( key ) , 0 ) ; 
fill char (idx, sizeof (idx),0); 
ans : = ' ' ; 

while ans <> '5' do 
begin 

sensanalymenu ; 

select ( ' SELECT 1,2,3, 4 or 5 : ' , C ' 1 ' . . ' 5 ' ] , ans > 

case ans of 

' 1 ' : help ('S'); 

' 2 ' : controlstrategy ; 

' 3 ' : graphics; 

'4' : printfiles; 

end (of case) 

end; (of while) 

END; 
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char ) 



procedure helpCch : 

(SI-) 
var 

fl : text; 
line : string C80]; 

i,j : integer; 

begin 

assign ( £1 , ' HELP ' +ch+ ' .TXT' ) ; 
reset ( f 1 ) ; 

if IOresult = 0 then 
begin 

clrscr ; 
i : = 0 ; 

while not eof(fl) do 
begin 

read In (fl,line) ; 
writeln ( line) ; 
i : = i + 1 ; 
if i = 22 then 
begin 
wai t ; 
i : = 0; 
clrscr 
end ; 

if eof C f 1 ) then 
wait 
end ; 
clrscr ; 
makef rame ; 
putdate ; 

problemf ield(cproblem) 
end 
end ; 
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